skip to Main Content

Recently I have built several microservices within a k8s cluster with Nginx ingress controller and they are working normally.

When dealing with communications among microservices, I attempted gRPC and it worked. Then I discover when microservice A -> gRPC -> microservice B, all requests were only occurred at 1 pod of microservice B (e.g. total 10 pods available for microservice B). In order to load balance the requests to all pods of microservice B, I attempted linkerd and it worked. However, I realized gRPC sometimes will produce internal error (e.g. 1 error out of 100 requests), making me changed to using the k8s DNS way (e.g. my-svc.my-namespace.svc.cluster-domain.example). Then, the requests never fail. I started to hold up gRPC and linkerd.

Later, I was interested in istio. I successfully deployed it to the cluster. However, I observe it always creates its own load balancer, which is not so matching with the existing Nginx ingress controller.

Furthermore, I attempted prometheus and grafana, as well as k9s. These tools let me have better understanding on cpu and memory usage of the pods.

Here I have several questions that I wish to understand:-

  1. If I need to monitor cluster resources, we have prometheus, grafana and k9s. Are they doing the same monitoring role as service mesh (e.g. linkerd, istio)?
  2. if k8s DNS can already achieve load balancing, do we still need service mesh?
  3. if using k8s without service mesh, is it lag behind the normal practice?

Actually I also want to use service mesh every day.

2

Answers


  1. The simple answer is

    Service mesh for a kubernetes server is not necessary

    Now to answer your questions

    If I need to monitor cluster resources, we have prometheus, grafana and k9s. Are they doing the same monitoring role as service mesh (e.g. linkerd, istio)?

    K9s is a cli tool that is just a replacement to the kubectl cli tool. It is not a monitor tool. Prometheus and grafana are monitoring tools that will need use the data provided by applications(pods) and builds the time-series data which can be visualized as charts, graphs etc. However the applications have to provide the monitoring data to Prometheus. Service meshes may use a sidecar and provide some default metrics useful for monitoring such as number of requests handled in a second. Your application doesn’t need to have any knowledge or implementation of the metrics. Thus service meshes are optional and it offloads the common things such as monitoring or authorization.

    if k8s DNS can already achieve load balancing, do we still need service mesh?

    Service meshes are not needed for load balancing. When you have multiple services running in the cluster and want to use a single entry point for all your services to simplify maintenance and to save cost, Ingress controllers such as Nginx, Traefik, HAProxy are used. Also, service meshes such as Istio comes with its own ingress controller.

    if using k8s without service mesh, is it lag behind the normal practice?

    No, there can be clusters that don’t have service meshes today and still use Kubernetes.

    In the future, Kubernetes may bring some functionalities from service meshes.

    Login or Signup to reply.
  2. Service mesh is not a silver bullet and it doesn’t fit into every use case. Service mesh will not do everything for you, it also have bugs and limited features.

    1. You can use Prometheus without Istio and have a very nice app monitoring. Service mesh can simplify some monitoring tasks for you, but it doesn’t mean you cannot do it yourself.
    2. Please don’t think of DNS as load balancing solution. Kubernetes have Services and Ingresses to do load balancing. Nginx Ingress today is very powerful and have many advanced features.
    3. It heavily depends on your use case.
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search