[Report] Running microservices in Amazon EKS with AWS App Mesh #AWSUGIndia

2023.01.10


I was able to attend the virtual session and learn more about a service that I did not know much about, so I will blog about it.

Session Overview:

In this session, we will tell you about the AWS App Mesh capabilities and new features that enhance container services' security, observability, and resilience. After a brief overview of App Mesh and its capabilities, we will dive into an application on Amazon EKS. You will learn how to deploy and configure App Mesh in the cluster, with an in-depth explanation of its components.

Speaker: Mahima Saran, Sr. Technical Account Manager at Amazon Web Services

Agenda:

  1. Key challenges with microservices
  2. Why service mesh?
  3. What is App Mesh?
  4. Let's Meshify an EKS Product Catalog Application
  5. Demo

Key Challenges With Microservices

  1. Service-to-service communication: each new service adds communication paths and dependencies between old and new services that have to be managed, which increases complexity.
  2. Performance issues: it takes more time to identify the root cause of a performance issue and resolve it.
  3. Fault tolerance: because there are multiple points of failure, writing the logic to handle them takes a lot of time.
  4. Operational challenges: each added microservice brings additional monitoring, scalability, and high-availability challenges.
  5. Polyglot languages and frameworks: microservices are written in different languages, so the same service-to-service communication logic has to be written in multiple languages.
  6. Security: authenticating services and securing the communication among them is challenging.

What is service mesh?

  1. A dedicated infrastructure layer for facilitating inter-service communication in the microservice world.
  2. Mediates all communication in and out of each service.
  3. Is language agnostic.
  4. Fast, reliable, and secure.
  5. Often implemented as a sidecar.

Service mesh Architecture

Data Plane: a proxy service that handles communication between the services inside the mesh.

Each data plane proxy must connect to the control plane in order to register itself and receive configuration details.

Control Plane: oversees policies and configurations for the data plane; it does not handle any data itself. It manages and configures the sidecar proxies to enforce policies and collect telemetry.

Benefits of Service mesh?

Developers can focus on adding business value instead of writing service-to-service communication logic.

Apps are more resilient to downtime, since a service mesh can reroute requests away from failed services.

Reduces the complexity of the microservice code by abstracting common infrastructure-related functionality to a different layer.

Reduces code duplication.

Provides loose coupling between application code and the underlying platform.

Faster development, testing, and deployment of applications.

Service Mesh Features?

  1. Load balancing: Service meshes can distribute incoming requests across multiple instances of a service, which can improve the overall performance and reliability of the application.
  2. Service discovery: Service meshes can help to locate and route requests to the appropriate service instances, even if those instances are located in different regions or cloud environments.
  3. Observability: Service meshes can provide detailed visibility into the communication between services, including metrics such as request latency, error rates, and traffic patterns.
  4. Resilience: Service meshes can help to ensure that an application remains available and responsive even in the face of failures or issues with individual services, through features such as circuit breaking, retries, and timeouts.
  5. Security: Service meshes can provide security features such as encryption, authentication, and authorization to help protect against malicious attacks and unauthorized access.
  6. Policy enforcement: Service meshes can help to enforce service-level policies, such as rate limiting or access control, to ensure that services are used appropriately and that the overall system remains stable.
  7. Configuration management: Service meshes can help to manage the configuration of services, including injecting service-specific configuration data and enabling runtime updates to service configurations.
  8. Traffic management: Service meshes can help to control the flow of traffic between services, including features such as A/B testing, canary releases, and blue-green deployments.

What is Sidecar Pattern?

The sidecar pattern is a software architecture pattern that involves splitting a complex application into two or more separate components, each running in its own process. One of these components, called the "sidecar," is responsible for providing a specific set of functions or capabilities that the main application can use.

The sidecar pattern is often used to add new features or capabilities to an existing application without the need to make changes to the main application code. This can be useful when the main application is large and complex, and modifying it could be risky or time-consuming.

AWS App Mesh: Application-level networking

  • Fully AWS-managed control plane

  • The data plane for App Mesh is the open-source Envoy proxy

  • Standardizes service communication

  • Simplifies observability solutions

  • Compatible with AWS compute primitives

App Mesh Components - Custom Resource Definitions (CRDs):

Service mesh: a logical boundary for network traffic between the services that reside within it.

Virtual services: an abstraction of an actual service that is provided by a virtual node by means of a virtual router.

Virtual nodes: act as a logical pointer to a discoverable service, such as an Amazon ECS or Kubernetes service. For each virtual service, you will have at least one virtual node.

Virtual router and routes: handle traffic for one or more virtual services within your mesh. A route is associated with a virtual router. The route is used to match requests for a virtual router and to distribute traffic to its associated virtual nodes.

Virtual gateway: allows resources that are outside of your mesh to communicate with resources that are inside of your mesh.

Let's Meshify an EKS Product Catalog Application

  • Before installation of app mesh

  • Post App Mesh Installation

Demo :

  1. Set up an Amazon EKS cluster: You can use the AWS Management Console or the AWS CLI to create an EKS cluster.

  2. Install the AWS App Mesh controller: Follow the instructions in the AWS App Mesh documentation to install the controller in your cluster.

  3. Define your virtual nodes and virtual services: Use the AWS App Mesh API or the AWS CLI to create virtual nodes and virtual services for your microservices.

  4. Deploy your microservices: Use a tool such as Helm or kubectl to deploy your microservices to your cluster.

  5. Configure your Envoy sidecar proxies: Use the AWS App Mesh API or the AWS CLI to configure your Envoy proxies and route traffic to your microservices.
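
With the controller from step 2 installed, the components listed earlier can also be declared as Kubernetes custom resources and applied with kubectl. The manifest below is an added example, not taken from the session or the AWS workshop; the mesh, namespace and service names and the port are assumptions.

```yaml
# Added example: mesh, namespace, service names and port are assumptions, not from the session.
apiVersion: v1
kind: Namespace
metadata:
  name: prodcatalog-ns
  labels:
    mesh: prodcatalog-mesh                           # selected by the Mesh below
    appmesh.k8s.aws/sidecarInjectorWebhook: enabled  # controller injects Envoy into pods here
---
apiVersion: appmesh.k8s.aws/v1beta2
kind: Mesh
metadata:
  name: prodcatalog-mesh
spec:
  namespaceSelector:
    matchLabels:
      mesh: prodcatalog-mesh
  egressFilter:
    type: DROP_ALL   # proxies refuse egress to destinations outside the mesh
---
apiVersion: appmesh.k8s.aws/v1beta2
kind: VirtualNode
metadata:
  name: prodcatalog
  namespace: prodcatalog-ns
spec:
  podSelector:
    matchLabels:
      app: prodcatalog        # pods of the (assumed) prodcatalog Deployment
  listeners:
    - portMapping:
        port: 5000
        protocol: http
  serviceDiscovery:
    dns:
      hostname: prodcatalog.prodcatalog-ns.svc.cluster.local
---
apiVersion: appmesh.k8s.aws/v1beta2
kind: VirtualService
metadata:
  name: prodcatalog
  namespace: prodcatalog-ns
spec:
  awsName: prodcatalog.prodcatalog-ns.svc.cluster.local
  provider:
    virtualNode:
      virtualNodeRef:
        name: prodcatalog
# A calling service's VirtualNode needs to list this VirtualService under spec.backends.
```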

Conclusion:

AWS App Mesh is a powerful service mesh that can help you manage and operate your microservices in Amazon EKS. With its end-to-end visibility, traffic control, and resiliency features, you can build highly scalable and reliable applications that can handle complex workloads.

Want to learn more about running microservices in Amazon EKS with AWS App Mesh? Check out the AWS App Mesh documentation and try it out for yourself.

Reference:

https://kubernetes.io/docs/home/

https://aws.amazon.com/eks

https://www.eksworkshop.com

https://www.appmeshworkshop.com/