Book Image

Mastering Service Mesh

By : Anjali Khatri, Vikram Khatri
Book Image

Mastering Service Mesh

By: Anjali Khatri, Vikram Khatri

Overview of this book

Although microservices-based applications support DevOps and continuous delivery, they can also add to the complexity of testing and observability. The implementation of a service mesh architecture, however, allows you to secure, manage, and scale your microservices more efficiently. With the help of practical examples, this book demonstrates how to install, configure, and deploy an efficient service mesh for microservices in a Kubernetes environment. You'll get started with a hands-on introduction to the concepts of cloud-native application management and service mesh architecture, before learning how to build your own Kubernetes environment. While exploring later chapters, you'll get to grips with the three major service mesh providers: Istio, Linkerd, and Consul. You'll be able to identify their specific functionalities, from traffic management, security, and certificate authority through to sidecar injections and observability. By the end of this book, you will have developed the skills you need to effectively manage modern microservices-based applications.
Table of Contents (31 chapters)
1
Section 1: Cloud-Native Application Management
4
Section 2: Architecture
8
Section 3: Building a Kubernetes Environment
10
Section 4: Learning about Istio through Examples
18
Section 5: Learning about Linkerd through Examples
24
Section 6: Learning about Consul through Examples

Enabling rate limits

Through Mixer, we can rate limit a service dynamically. If you are providing software as a service through a REST API for some business function, rate limits can be handy to prevent abuse of the system by users. Rules can be set to identify a user, count the number of requests, and reject requests after a limit. Rate limits allow a fair share of the system for the users.

In this example, we configure rate-limit traffic to productpage originating from the local IP address to showcase this feature. We use the x-forwarded-for request header as the client IP address and use a conditional rate limit that exempts logged-in users.

We can accomplish rate limit enforcement through the following scheme:

It creates a quota, then defines the quota specification and quota specification binding. Finally, the quota specification is bound to the productpage microservice...