AWS App Mesh on EKS: Simplify Microservices Communication

Explore how to set up AWS App Mesh on Amazon Elastic Kubernetes Service (EKS) and how it simplifies the communication between microservices.

As organizations continue to adopt microservices architecture, they face the challenge of managing the communication between these services. AWS App Mesh is a service mesh that makes it easy to monitor and control microservices communication. In this blog post, I will explore how to set up AWS App Mesh on Amazon Elastic Kubernetes Service (EKS) and how it simplifies the communication between microservices.

What is AWS App Mesh?

AWS App Mesh is a service mesh that provides a way to control and monitor the communication between microservices. It is designed to work with any containerized application running on AWS, making it easy to integrate into any existing microservices architecture. With App Mesh, you can define and manage the traffic between your microservices, and visualize the communication between them.

 

[Figure: App Mesh general architecture]

Setting Up AWS App Mesh on EKS

To set up App Mesh on EKS, you need to follow these steps:

1. Create an Amazon Elastic Kubernetes Service (EKS) cluster: If you do not have an EKS cluster, you can create one using the AWS Management Console, the AWS CLI, eksctl, or infrastructure-as-code (IaC) tools like Terraform. In this scenario, I will use eksctl.

To install eksctl, follow these steps:


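# Download the eksctl release archive for this OS and unpack it into /tmp
curl --silent --location "<eksctl release URL>$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
# Move the binary onto the PATH
sudo mv /tmp/eksctl /usr/local/bin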

After installation, you can create an EKS cluster with the following command. The default kubeconfig location is the path in the KUBECONFIG environment variable or ~/.kube/config.


eksctl create cluster -n appmesh-poc

2. Install the App Mesh controller, a Kubernetes controller that deploys and manages App Mesh resources.

To install it, use the appmesh-controller Helm chart.


# Add AWS's EKS charts Helm repo
helm repo add eks <eks-charts Helm repository URL>
# Create the App Mesh CRDs (ref=master tracks a moving branch; pin a release tag or commit for repeatable installs)
kubectl apply -k "github.com/aws/eks-charts/stable/appmesh-controller//crds?ref=master"
# Create the namespace
kubectl create ns appmesh-system
# Set the required environment variables (fill in your cluster name, region and account ID)
export CLUSTER_NAME=
export AWS_REGION=
export AWS_ACCOUNT_ID=
# Create the IAM OpenID Connect (OIDC) provider for the cluster
eksctl utils associate-iam-oidc-provider --region="$AWS_REGION" \
    --cluster="$CLUSTER_NAME" \
    --approve
# Download the App Mesh controller IAM policy from the GitHub repo
curl -o controller-iam-policy.json <controller IAM policy URL>
# Create the IAM policy
aws iam create-policy \
    --policy-name AWSAppMeshK8sControllerIAMPolicy \
    --policy-document file://controller-iam-policy.json
# Create the service account, attach the policy and create the CloudFormation stack for App Mesh
eksctl create iamserviceaccount --cluster "$CLUSTER_NAME" \
    --namespace appmesh-system \
    --name appmesh-controller \
    --attach-policy-arn "arn:aws:iam::${AWS_ACCOUNT_ID}:policy/AWSAppMeshK8sControllerIAMPolicy" \
    --override-existing-serviceaccounts \
    --approve
# Install the App Mesh controller with Helm
helm upgrade -i appmesh-controller eks/appmesh-controller \
    --namespace appmesh-system \
    --set region="$AWS_REGION" \
    --set serviceAccount.create=false \
    --set serviceAccount.name=appmesh-controller

3. Creating a mesh involves defining a logical boundary for your microservices. This boundary determines the traffic routing rules, policies, and observability of your services.

To create a mesh, use the samples available on the AWS App Mesh Inject GitHub repository.


# The deployment requires the awscli, jq, and kubectl packages
# Set the required environment variables (fill in your account ID, region and VPC ID)
export AWS_ACCOUNT_ID=
export AWS_DEFAULT_REGION=
export VPC_ID=
# Get AWS's App Mesh examples repo
git clone <aws-app-mesh-examples repository URL>
# Deploy the example HTTP2 application
cd aws-app-mesh-examples/walkthroughs/howto-k8s-http2/
./deploy.sh

4. The AWS App Mesh Dashboard allows you to view the available resources.

  • Virtual Gateways enable resources outside of your mesh to communicate with the resources inside your mesh.

  • Virtual Services are an abstraction of a real service provided by a virtual node, either directly or indirectly through a virtual router.

  • Virtual Routers handle traffic for one or more virtual services within your mesh.

  • Virtual Nodes serve as a logical pointer to a specific task group, such as a Kubernetes deployment.
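
Step 2 downloads controller-iam-policy.json and attaches it to the controller's service account, so it is worth reviewing what the file grants before running aws iam create-policy. The script below is an added example, not code from this post or from AWS: it flags broad Allow statements in a policy document. The sample policy and the account ID in it are constructed for illustration and are not the policy published in the AWS repository; the function names are hypothetical.

```python
import json

# Constructed sample standing in for controller-iam-policy.json; it is NOT
# the policy published in the AWS repository. The account ID is a placeholder.
SAMPLE_POLICY = """
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["appmesh:DescribeMesh", "appmesh:ListMeshes"],
     "Resource": "arn:aws:appmesh:*:111122223333:mesh/*"},
    {"Effect": "Allow", "Action": "appmesh:*", "Resource": "*"},
    {"Effect": "Allow", "Action": "iam:CreateServiceLinkedRole", "Resource": "*",
     "Condition": {"StringLike": {"iam:AWSServiceName": ["appmesh.amazonaws.com"]}}},
    {"Effect": "Deny", "Action": "*", "Resource": "*"}
  ]
}
"""

def as_list(value):
    """IAM accepts a string or a list for Action/Resource; normalize to a list."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)

def audit_policy(document):
    """Return (statement_index, finding) pairs for broad Allow statements."""
    statements = json.loads(document).get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may not be wrapped in a list
        statements = [statements]
    findings = []
    for index, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        actions = as_list(stmt.get("Action"))
        scoped = "Condition" in stmt
        if "NotAction" in stmt:
            findings.append((index, "Allow with NotAction grants every unlisted action"))
        for action in actions:
            if action == "*" or action.endswith(":*"):
                findings.append((index, f"wildcard action {action}"))
            elif action.lower().startswith(("iam:", "sts:")) and not scoped:
                findings.append((index, f"identity action {action} without a Condition"))
        if "*" in as_list(stmt.get("Resource")) and not scoped:
            findings.append((index, "Resource * without a Condition"))
    return findings

if __name__ == "__main__":
    # To review the real download: audit_policy(open("controller-iam-policy.json").read())
    for index, finding in audit_policy(SAMPLE_POLICY):
        print(f"Statement[{index}]: {finding}")
```

A finding is a prompt for review rather than a verdict: a controller may legitimately need a service-wide action, but each one should be a deliberate choice before the policy is bound to the appmesh-controller service account.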

Benefits of Using AWS App Mesh on EKS

By using App Mesh on EKS, you can simplify the communication between microservices in the following ways:

Service Discovery

App Mesh provides service discovery, which makes it easy for microservices to discover and communicate with each other. You can define virtual services and virtual nodes to represent your microservices, and use them to route traffic between your services. This makes it easy to add or remove microservices without disrupting the communication between them.

Traffic Management

App Mesh provides traffic management, which makes it easy to control the flow of traffic between microservices. You can define routes to specify how traffic flows between virtual services and virtual nodes. This makes it easy to implement A/B testing, canary releases, and blue/green deployments.

Observability

App Mesh provides observability, which makes it easy to monitor the communication between microservices. You can use CloudWatch logs and metrics to monitor the traffic between your microservices, and use X-Ray to trace the path of requests as they travel through your microservices.

Conclusion

AWS App Mesh on EKS simplifies the communication between microservices. By using App Mesh, you can define and manage the traffic between your microservices, and visualize the communication between them. This makes it easy to add or remove microservices, implement A/B testing or canary releases, and monitor the communication between your microservices. If you're building microservices on EKS, consider using App Mesh to simplify your communication.

 


Ahmet Aydın

Senior DevOps Consultant @kloia