Why Proxies Are Important for Microservices

July 7, 2019


Proxies are invisible workers that help keep networks safe, optimise bandwidth, offload processing from backend servers, and ensure the smooth flow of requests. A typical request from your computer across the Internet to a website will pass through many proxy servers. Let’s look at that in more detail.

In computer networks, a proxy acts as an intermediary for requests from clients to servers for resources. An outbound proxy provides both security isolation and performance optimisation for network traffic. Internal clients protected by a firewall do not have direct access out to the Internet. Instead, clients send all requests to a proxy that does have external access that then makes the requests on behalf of the original client. The proxy can optionally cache content locally optimising the use of network bandwidth and providing faster responses to clients.

Out bound proxy architecture

Servers make use of proxies for handling incoming requests. In this configuration, it is called a reverse proxy; providing security and performance benefits as before along with load balancing. The reverse proxy typically provides access to numerous backend servers protected behind a firewall without the client being aware of their existence. Optional SSL termination, data compression, and content caching provide performance optimisations.

In bound proxy architecture

Proxies and Microservices

Reverse proxies are a critical component of microservices applications. They provide an externally reachable endpoint for services along with performance enhancements as mentioned above; in a Kubernetes environment, they are called Ingress Controllers. There are various implementations available including:

In addition to primary request routing, reverse proxies can provide more advanced routing functionality such as load balancing, circuit breakers, rate limiting, A/B deployment and canary testing. Service Meshes, more about these in a later article, utilise the advanced capabilities of proxies to enable their functionality. Some of the proxy implementations additionally offer simple tracing support, producing Zipkin or Jaeger (OpenTracing compliant) spans for the requests they route.

The dynamic nature of microservices applications presents challenges when implementing reverse proxies. Services can come and go as they are revisioned or scaled and will have random IP addresses assigned. The synchronisation of the available services and the configuration of the reverse proxy is essential to ensure error-free operation. One solution is to use a service registry (e.g. etcd) and have each service maintain its registration while it is running. The reverse proxy watches the service registry to keep its configuration up to date. Kubernetes does all of this automatically for you as part of its automation. The Kube DNS process maintains the service registry with an address (A) and service (SRV) record for each service. The Kube Proxy process routes and load balances requests across all instances of the services.

Monitoring Proxies With Instana

With all incoming request traffic for a microservices application typically passing through proxies, it is essential to monitor the performance and health of those proxies. Instana sensors include support for Envoy Monitoring, Nginx Monitoring and Traefik Monitoring, with more proxy technologies coming. Instana can consume both Zipkin and Jaeger trace spans along with those from its sensors. In addition to the traces, the Instana sensors also collect time-series performance metrics providing a comprehensive view of health and performance. Instana’s built-in AI-powered rules engine automatically analyses the trace and time-series metric data, providing proactive alerting on performance issues or errors. Providing operators with precise information on what needs fixing or optimising.

Trace showing envoy span from Instana agent instrumentation

Instana’s automatic monitoring extends across many different technologies providing complete end to end visibility across your microservices application. Automated instrumentation of most language runtimes enables deep visibility into application code and saves time and effort over manual instrumentation.

Play with Instana’s APM Observability Sandbox

Announcement, Product
What are Service Level Objectives (SLO) SLOs are important pieces that are used to define Service Level Agreements (SLAs). As described by Wikipedia, “SLOs are specific measurable characteristics of the SLA such...
Announcement, Featured, Product, Thought Leadership
When it comes right down to it, there are many different types of Docker monitoring but most people don’t realize how many layers of monitoring are required to understand the performance and...
Announcement, Featured, Product
IBM MQ (previously Websphere MQ and MQ Series) is an enterprise-oriented messaging middleware. According to the IBM website, “It works with a broad range of computing platforms, applications, web services and communications...

Start your FREE TRIAL today!

As the leading provider of Automatic Application Performance Monitoring (APM) solutions for microservices, Instana has developed the automatic monitoring and AI-based analysis DevOps needs to manage the performance of modern applications. Instana is the only APM solution that automatically discovers, maps and visualizes microservice applications without continuous additional engineering. Customers using Instana achieve operational excellence and deliver better software faster. Visit https://www.instana.com to learn more.