A service mesh is an emerging architecture for dynamically linking together the chunks of server-side applications (most notably, the microservices) that collectively form an application. These can be the components that were intentionally composed as part of the same application, as well as those from different sources altogether that may benefit from sharing workloads with one another.
Real-world service meshes you can use now
Perhaps the oldest effort in this field — one which, through its development, revealed the need for a service mesh in the first place — is an open source project called Linkerd (pronounced “linker — dee”), now maintained by the Cloud-Native Computing Foundation. Born as an offshoot of a Twitter project, Linkerd popularized the notion of devising a proxy for each service capable of communicating with similar proxies, over a purpose-built network. Its commercial steward, Buoyant, has recently merged a similar effort called Conduit into the project, to form Linkerd 2.0.
Meanwhile at car-sharing service Lyft, an engineer named Matt Klein devised a method for building a network that represented existing code — even when it was bound to a legacy “monolith” — as microservices with APIs. This became Envoy, which is now one of the components of a project that includes the work of IBM and Google, to produce a framework called Istio.
When it’s doing its job the way it was intended, a service mesh enables potentially thousands of microservices sharing a distributed data center platform to communicate with one another, and participate together as part of an application, even if they weren’t originally constructed as components of that application to begin with.
Its counterpart in the server/client and Web applications world is something you may be familiar with: Middleware. After the turn of the century, components of Web applications were being processed asynchronously (not in time with one another), so they often needed some method of inter-process communication, if only for coordination. The enterprise service bus (ESB) was one type of middleware that could conduct these conversations under the hood, making it possible for the first time for many classes of server-side applications to be integrated with one another.
A microservices application is structured very differently from a classic server/client model. Although its components utilize APIs at their endpoints, one of the hallmarks of its behavior is the ability for services to replicate themselves throughout the system as necessary — to scale out. Because the application structure is constantly changing, it becomes more difficult over time for an orchestrator like Kubernetes to pinpoint each service’s location on a map. It can orchestrate a complex containerized application, but as scale rises linearly, the effort required rises exponentially.
Suddenly, servers really need a service mesh to serve as their communications hub, especially when there are a multitude of simultaneous instances (replicas) of a service propagated throughout the system, when a component of code only needs to contact one.
From unknown entity to vital necessity
Most modern applications, with fewer and fewer exceptions, are hosted in a data center or on a cloud platform, and communicate with you via the Internet. For decades, some portion of the server-side logic — often large chunks — has been provided by reusable code, through components called libraries. The C programming language pioneered the linking of common libraries; more recently, operating systems such as Microsoft Windows provided dynamic link libraries (DLL) which are patched into applications at run time.
So obviously you’ve seen services at work, and they’re nothing new in themselves. Yet there is something relatively new called microservices, which as we’ve explained here in some depth, are code components designed not only to be patched into multiple applications on demand, but also to scale out. This is how an application supports multiple users simultaneously without replicating itself in its entirety — or, even less efficiently, replicating the virtual server in which it may be installed, which is how load balancing has worked up to now during the first era of virtualization.
A service mesh is an effort to keep microservices in touch with one another, as well as the broader application, as all this scaling up and down is going on. It is the most liberal, spare-no-effort, pull-out-all-the-stops approach to enabling a microservices architecture for a server-side application, with the aim of guaranteeing connectivity, availability, and low latency.
SDN for the very top layer
Think of a service mesh as software-defined networking (SDN) at the level of executable code. In an environment where all microservices are addressable by way of a network, a service mesh redefines the rules of the network. It takes the application’s control plane — its network of contact points, like its nerve center — and reroutes its connections through a kind of dynamic traffic management complex. This hub is made up of several components that monitor the nature of traffic in the network, and adapt the connections in the control plane to best suit it.
SDN separates the control plane from the data plane of a network, in order that it can literally rebuild the control plane as necessary. This brings components that need each other closer together, without impacting the data plane on which the payload is bound. In the case of network servers that address each other using Layers 3 and 4 of the OSI network model, SDN routes packets along simplified paths to increase efficiency and reduce latency.
Borrowing that same idea, a service mesh such as Istio produces a kind of network overlay for Layer 7 of OSI, decoupling the architecture of the service network from that of the infrastructure. This way, the underlying network can be changed with far fewer chances of impacting service operations and microservices connectivity.
“As soon as you install it, the beauty of Istio and all its components,” remarked Bahubali Shetti, director of public cloud solutions for VMware during a recent public demonstration, “is that it automatically loads up components around monitoring and logging for you. So you don’t have to load up Prometheus or Jaeger [respectively]; it comes with them already. And it gives you a couple of additional visibility tools.
“This is a service-to-service intercommunications mechanism,” Shetti continued. “You can have services on GKE, PKS [Pivotal Kubernetes Service] and VKE [VMware Kubernetes Engine], all interconnected and running. It helps manage all of that.”
Complementing, not overlapping, Kubernetes
Now, if you’re thinking, “Isn’t network management at the application layer the job of the orchestrator (Kubernetes)?” then think of it like this: Kubernetes doesn’t really want to manage the network. It has a very plain, unfettered view of the application space as multiple clusters for hosting pods, and would prefer things stay that way, whether it’s running on-premises, in a hybrid cloud, or on a “cloud-native” service platform such as Azure AKS or Pivotal PKS. When a service mesh is employed, it takes care of all the complexity of connections on the back end, ensuring that the orchestrator can concentrate on the application rather than its infrastructure.
The very sudden rise of the service mesh, and particularly of the Istio framework, is important for the following reasons:
- It helps standardize the profile of microservices-based applications. The behavior of a highly distributed application can be very dependent on the network that supports it. When such behaviors are drastically different, it can be a challenge for a configuration management system to maintain availability for an application on one network that has far fewer challenges on another network. A service mesh does all the folding, spindling, and mutilating — it makes a unique data center look plainer and more unencumbered to the orchestrator.
- It opens up greater opportunities for monitoring, and then potentially improving, the behavior of distributed applications. A good service mesh is designed to place highly requested components in a location on the application control plane where they can be most easily accessible — not unlike a very versatile “speed dial.” So it’s already looking for components that fail health checks or that utilize resources less efficiently. This data can be charted and shared, revealing behavioral traits that developers can take note of when they’re improving their builds with each new iteration.
- It creates the potential for a new type of dynamic, policy-based security mechanism. As we explored last December in ZDNet Scale, microservices pose a unique challenge in that each one may have a very brief lifespan, making the issuance of an unimpeachable identity to each one almost pointless. A service mesh has an awareness of microservice instances that transcends identity — its job is to know what’s running and where. It can enforce policies on microservices based on their type and their behavior, without resorting to the rigamarole of assigning them unique identities.
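To make the last point concrete, here is an added example (not code from the article, nor from Istio or Linkerd) of a default-deny Layer 7 policy check that keys on a workload's type and recent behavior rather than on a per-instance identity. The `Rule` and `MeshPolicy` names, the registry dictionary, and the service names, instance IDs and paths are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    src_type: str        # workload type label of the caller
    dst_type: str        # workload type label of the callee
    methods: frozenset   # HTTP methods the rule permits
    path_prefix: str     # Layer 7 path prefix the rule covers
    max_per_window: int  # behavioural limit per calling instance


class MeshPolicy:
    """Default-deny policy keyed on workload type, never on instance ID."""
    def __init__(self, rules, window_seconds=10.0):
        self.rules = list(rules)
        self.window = window_seconds
        self.recent = defaultdict(deque)  # instance ID -> request timestamps

    def decide(self, registry, src_instance, dst_type, method, path, now):
        # The registry is the mesh's view of what is running and where.
        src_type = registry.get(src_instance)
        if src_type is None:
            return "deny:unknown-instance"
        for rule in self.rules:
            if (rule.src_type == src_type and rule.dst_type == dst_type
                    and method in rule.methods
                    and path.startswith(rule.path_prefix)):
                times = self.recent[src_instance]
                while times and now - times[0] >= self.window:
                    times.popleft()  # forget requests outside the window
                if len(times) >= rule.max_per_window:
                    return "deny:rate-exceeded"
                times.append(now)
                return "allow"
        return "deny:no-matching-rule"


def demo():
    # Constructed sample data: service names, instance IDs and paths are made up.
    policy = MeshPolicy([Rule("checkout", "orders",
                              frozenset({"GET", "POST"}), "/v1/orders/", 3)])
    registry = {"checkout-7f9c": "checkout", "report-1a2b": "reporting"}
    results = [policy.decide(registry, "checkout-7f9c", "orders",
                             "POST", "/v1/orders/42", 0.0)]
    # The replica is rescheduled: old instance ID disappears, a new one appears.
    del registry["checkout-7f9c"]
    registry["checkout-d41e"] = "checkout"
    for t in (1.0, 2.0, 3.0, 4.0):  # fourth call in the window is a burst
        results.append(policy.decide(registry, "checkout-d41e", "orders",
                                     "GET", "/v1/orders/42", t))
    results.append(policy.decide(registry, "checkout-7f9c", "orders",
                                 "GET", "/v1/orders/42", 5.0))
    results.append(policy.decide(registry, "report-1a2b", "orders",
                                 "GET", "/v1/orders/42", 5.0))
    return results
```

The replacement replica is allowed without any policy change because the rule names a type, while the burst, the retired instance ID and the unlisted `reporting` type are each denied for a distinct, loggable reason.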