Skip to content

Anthos Service Mesh

What is the Anthos Service Mesh?

If you have been using Google’s services such as Gmail, Search, etc., you have probably wondered how Google manages these services at a global scale. These are very large applications that no typical machine can singly run. For this reason, microservice architectures have been utilized to break up these applications into services and scale the parts that are under load. Microservice architectures take care of multi-regional availability and regional resiliency but creates more challenges for developers and engineers. They have to manage numerous networks linking service containers together. They also have to manage security, making each service and network able to identify themselves to the others. They also have to account for observability, network resilience, and policy formation as well as implementation. All of this is extremely complicated on a global scale. This is where Anthos Service Mesh (ASM) comes in.  

ASM is Google Cloud’s fully managed service mesh for complex microservice architectures. It works on a single basic principle: separating your business logic from your network functions. This way, your developers and engineers can focus on developing business logic for your application, leaving your operation team to build the platform for the application. Since we live in a world of containers, you can toss your application in a container and the platform in a separate one. Kubernetes allows you to group these containers into a pod and/or deployment. Being a fully managed service, ASM relieves you from all the stress of building and managing the infrastructure for the platform, allowing your developers and operators to focus on their tasks.

Anthos Service Mesh Integrations

Anthos Service Mesh has built-in observability with GCP monitoring tools such as Cloud Monitoring and Managed Service for Prometheus. This is important because observability is quite difficult with a huge amount of microservices across multiple containers. In addition, the number of metrics to be monitored multiplies exponentially when you employ a microservice architecture for your applications. This includes network observability, network metrics, distributed tracing, etc. ASM wraps up all of these metrics and emits them as Prometheus specs and you can use monitoring and analytics tools such as Grafana to display this information. Integration with Cloud Logging, Cloud Monitoring, and Cloud Trace allows ASM to monitor service level objectives (SLOs) at the service level and set targets for availability and latency.

ASM also enables you to embrace a Zero Trust security model. Every entity, within or outside the network must be authenticated before an authorization is granted. ASM provides the tools to do this. You can secure your services declaratively or automatically. You get to define authentication requirements for each service. It offers flexibility in authentication and you get to decide who can access which service.

ASM provides you with simplified high-level traffic management. With this, services can perform granular traffic management. For example, if you’re releasing a new version of the software, you can direct a small subset of your traffic, say 10%, to the new version, while the remaining 90% stays on the old version. With this, you can easily do rollouts of new untested versions of your services for testing.

With most enterprises moving away from monoliths, it is important to have a service that significantly aids in managing complex microservice architecture. ASM is that service, providing you with out-of-the-box capabilities.

gke autopilot
Google Kubernetes Engine Autopilot

AGoogle continues delivering tools that make the life of developers easier. Modern applications require complex infrastructure that promises scalability as well as…

distributed cloud
Google Distributed Cloud

Data sovereignty needs, region/industry-specific compliance, and local data processing needs prevent all workloads from immediately or completely moving to the cloud…

Google Cloud NAT

Cloud NAT is a software-defined solution that lets certain resources without external IP addresses create outbound connections to the internet. Cloud NAT provides…

Get in touch with us

Ready to start your next project with us? Give us a call or send us an email and we will get back to you as soon as possible!