aws / aws-app-mesh-examples

AWS App Mesh is a service mesh that you can use with your microservices to manage service to service communication.

Routing Questions

141984 opened this issue · comments

Hey,

I am a novice to the world of service meshes and have some questions regarding how this setup works. I hope this is the right place to ask them.

  1. AppMeshWildcardRecordSet
    What is this used for? What is the connection between this and the ColorVirtualService created? How does having an IP address of 1.2.3.4 help route the traffic to the virtual service?

  2. ColorVirtualService
    This is provided as an environment variable COLOR_HOST in the front-end app. Is this URL-like-virtual-service-name something that only the Envoy agent, sitting alongside the front-end app, is able to resolve?
    Can this URL-like-virtual-service-name be used to access the Color ECS services from other EC2 instances that are not part of the mesh, but created in the same VPC? curl -i -XGET http://colors.mesh.local:8080 from the instance? Is this possible in any way, or would I have to go with an ALB and target group?

Thanks in Advance,

Hey @141984, let me take a stab at answering these for you.

  1. So this is a hack. Well, at least one of the hacks. The reason is that when the front-end app wants to send traffic to the color teller app, it tries to resolve the DNS for the color app endpoint (let's call this color.my-awesome-project.mesh.local), and Envoy cannot really "see" this DNS request since Envoy cannot intercept UDP packets yet. (This is not entirely true; there have been contributions to Envoy to do DNS resolution, but App Mesh doesn't use them yet.) I digress, but we need the app to successfully resolve the DNS name to "some" IP address so that the front app can continue sending the request to the color app, which will be intercepted by Envoy for routing. So the IP 1.2.3.4 is a fake IP in Route 53. You can also hack this by adding a line in your /etc/hosts file for *.my-awesome-project.mesh.local. Now that the app successfully sends the requests to Envoy, Envoy looks at the Host header field for the DNS name and routes the requests to a particular cluster which has the IPs for the color app provided by the App Mesh management server.

  2. You will be able to resolve these "URL-like-virtual-service-name" from the VPC if there's a Route 53 record for that, which will usually be created/referenced by your ECS Service.

HTH, please feel free to reach out if you have more questions.
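
The flow described in the answer above, as an added toy model that is not part of the original thread and is not App Mesh or Envoy code. The endpoint IPs, the `Sidecar` class, the `send` helper and the round-robin choice are assumptions made for illustration; only the 1.2.3.4 placeholder and the colors.mesh.local name come from the thread.

```python
import fnmatch

# Wildcard record: every name under the mesh domain resolves to a placeholder.
DNS_RECORDS = {"*.mesh.local": "1.2.3.4"}

# Constructed sample of what the sidecar learns from the control plane:
# Host name -> real endpoints of the cluster behind it.
CLUSTERS = {"colors.mesh.local": ["10.0.1.15:8080", "10.0.2.27:8080"]}


def resolve(name):
    """App-side DNS lookup: return the first matching record, or None."""
    for pattern, ip in DNS_RECORDS.items():
        if fnmatch.fnmatch(name, pattern):
            return ip
    return None


class Sidecar:
    """Hypothetical stand-in for the proxy that intercepts outbound TCP."""

    def __init__(self, clusters):
        self.clusters = clusters
        self._next = {}  # per-host round-robin cursor (assumed policy)

    def route(self, dst_ip, host_header):
        # dst_ip (the placeholder) is deliberately ignored; the routing
        # decision is made from the Host header alone.
        host = host_header.split(":")[0].lower()
        endpoints = self.clusters.get(host)
        if not endpoints:
            return None
        i = self._next.get(host, 0)
        self._next[host] = (i + 1) % len(endpoints)
        return endpoints[i]


def send(name, port, sidecar=None):
    """Return where a request to name:port ends up."""
    ip = resolve(name)
    if ip is None:
        return "dns-failure"  # the app never opens a connection
    if sidecar is None:
        return f"direct:{ip}:{port}"  # nothing intercepts; DNS answer is used
    return sidecar.route(ip, f"{name}:{port}") or "no-route"


if __name__ == "__main__":
    proxy = Sidecar(CLUSTERS)
    print(send("colors.mesh.local", 8080, proxy))
    print(send("colors.mesh.local", 8080))
```

The DNS answer only has to exist so the app opens a connection; the address it returns never influences which endpoint the model's proxy picks.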

Thanks for the answers :)