Why Proxies Are Important for Microservices

July 7, 2019

Proxies are invisible workers that help keep networks safe, optimise bandwidth, offload processing from backend servers, and ensure the smooth flow of requests. A typical request from your computer across the Internet to a website will pass through many proxy servers. Let’s look at that in more detail.

In computer networks, a proxy acts as an intermediary for requests from clients to servers for resources. An outbound proxy provides both security isolation and performance optimisation for network traffic. Internal clients protected by a firewall do not have direct access out to the Internet. Instead, clients send all requests to a proxy that does have external access that then makes the requests on behalf of the original client. The proxy can optionally cache content locally optimising the use of network bandwidth and providing faster responses to clients.

Out bound proxy architecture

Servers make use of proxies for handling incoming requests. In this configuration, it is called a reverse proxy; providing security and performance benefits as before along with load balancing. The reverse proxy typically provides access to numerous backend servers protected behind a firewall without the client being aware of their existence. Optional SSL termination, data compression, and content caching provide performance optimisations.

In bound proxy architecture

Proxies and Microservices

Reverse proxies are a critical component of microservices applications. They provide an externally reachable endpoint for services along with performance enhancements as mentioned above; in a Kubernetes environment, they are called Ingress Controllers. There are various implementations available including:

In addition to primary request routing, reverse proxies can provide more advanced routing functionality such as load balancing, circuit breakers, rate limiting, A/B deployment and canary testing. Service Meshes, more about these in a later article, utilise the advanced capabilities of proxies to enable their functionality. Some of the proxy implementations additionally offer simple tracing support, producing Zipkin or Jaeger (OpenTracing compliant) spans for the requests they route.

The dynamic nature of microservices applications presents challenges when implementing reverse proxies. Services can come and go as they are revisioned or scaled and will have random IP addresses assigned. The synchronisation of the available services and the configuration of the reverse proxy is essential to ensure error-free operation. One solution is to use a service registry (e.g. etcd) and have each service maintain its registration while it is running. The reverse proxy watches the service registry to keep its configuration up to date. Kubernetes does all of this automatically for you as part of its automation. The Kube DNS process maintains the service registry with an address (A) and service (SRV) record for each service. The Kube Proxy process routes and load balances requests across all instances of the services.

Monitoring Proxies With Instana

With all incoming request traffic for a microservices application typically passing through proxies, it is essential to monitor the performance and health of those proxies. Instana sensors include support for Envoy Monitoring, Nginx Monitoring and Traefik Monitoring, with more proxy technologies coming. Instana can consume both Zipkin and Jaeger trace spans along with those from its sensors. In addition to the traces, the Instana sensors also collect time-series performance metrics providing a comprehensive view of health and performance. Instana’s built-in AI-powered rules engine automatically analyses the trace and time-series metric data, providing proactive alerting on performance issues or errors. Providing operators with precise information on what needs fixing or optimising.

Trace showing envoy span from Instana agent instrumentation

Instana’s automatic monitoring extends across many different technologies providing complete end to end visibility across your microservices application. Automated instrumentation of most language runtimes enables deep visibility into application code and saves time and effort over manual instrumentation.

Play with Instana’s APM Observability Sandbox

Developer, Thought Leadership
In my last blog on preparing for Black Friday, I teased how easy it is to gain insight into the state of your eCommerce retail applications and all its components with an...
Instana, an IBM company, has been recognized as a Customers’ Choice in the 2021 Gartner Peer Insights ‘Voice of the Customer’: Application Performance Monitoring, and we are thrilled. Our team takes great...
Developer, Thought Leadership
In the past few years, distributed tracing has emerged in the global DevOps consciousness as an indispensable tool in the microservices arsenal. In April 2019, the open source observability community rose to...

Start your FREE TRIAL today!

Instana, an IBM company, provides an Enterprise Observability Platform with automated application monitoring capabilities to businesses operating complex, modern, cloud-native applications no matter where they reside – on-premises or in public and private clouds, including mobile devices or IBM Z.

Control hybrid modern applications with Instana’s AI-powered discovery of deep contextual dependencies inside hybrid applications. Instana also gives visibility into development pipelines to help enable closed-loop DevOps automation.

This provides actionable feedback needed for clients as they to optimize application performance, enable innovation and mitigate risk, helping Dev+Ops add value and efficiency to software delivery pipelines while meeting their service and business level objectives.

For further information, please visit instana.com.