DEV Community

Cover image for Application Architecture for Microservices: Sidecar Pattern
Emre Savcı
Emre Savcı

Posted on • Edited on

Application Architecture for Microservices: Sidecar Pattern

What should our microservice application architectures be like?

Let's examine together how we use sidecar to solve cross-cutting concerns such as authorization, caching, configuration secret management, and observability.


Cross-Cutting Concerns

Let's start with explaining cross-cutting concerns.

Some of the requirements outside of the application's business code are needed in the different layers of an application.

For example logging, configuration, caching, authorization, observability…

mstrYoda_

Traditional Development

The traditional way is to code and use all this tooling within our development service. If we have different services written in the same language, we can share those codes between services and use them as packages/libraries between services.

mstrYoda_

So what is a bad scenario?

In an environment where services are written in more than one language, these requirements had to be reimplemented with each language.

Imagine that you (or your teams) are writing same functionality over and over with different languages...

mstrYoda_

Is there a solution in this case instead of writing the same code?

The first thing that comes to mind is to write separate API services for those requirements.

So is this a correct solution?

What problems can we encounter?

mstrYoda_

How to scale these shared services when the number of consumer services increase?

Moving the application code to another service that accessing over the network will cause the network latency(delay) to our application. It will slow down our application.

So, what would you do if you do not want to rewrite the same stories in different languages, or to face with network latencies?

Answer: We will use to Sidecar pattern.

Sidecar Pattern

https://devopedia.org/design-patterns-for-microservices-and-containers

Image description

So what is this Sidecar?

We can run multiple containers inside our pods running on Kubernetes. We can call the containers running beside our main application container as sidecars.

These additional features can develop in a single language and then we can "inject" it to our applications. We develop our sidecars with Go language and inject them into microservices.

This "inject" operation is performed by Kubernetes on the basis of a concept which name is Dynamic Admission Webhook. I will leave the source link at the end of the article for details.

mstrYoda_

When a pod scales up, the additional sidecars also go with it.

In addition, with the network interface created specifically for the pod shared across sidecars, network latency can be ignored because it is over localhost.

mstrYoda_

What else can be done with the sidecars?

  • Pod network configurations
  • Pod network requests/responses can be interrupted/manipulated
  • Service mesh can be made
  • Microservice runtime implementation can be done

For example, Istio Service Mesh can work as sidecar. The pod's entire network control is taken over by the incoming istio-proxy as a sidecar and can manipulate incoming and outgoing requests/responses.

Image description

You can write various network rules. When the whole network passes through the istio-proxy sidecar, there is metric data for all network processes and we can visualize microservice inter-service calls.

istio


I want to complete my post here. We take a quick look into the sidecar approach with you. See you in the next posts.


Resources

https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/

https://betterprogramming.pub/understanding-kubernetes-multi-container-pod-patterns-577f74690aee

https://istio.io/


Let's Connect
Enter fullscreen mode Exit fullscreen mode

Twitter
Github

You can support me on Github: Support mstrYoda on Github

Buy Me A Coffee

Top comments (0)