This is demo project for testing sidecar pattern , we have used application container built using spring boot and envoy as side-car container.
- Envoy , Also read Nginx vs HAproxy vs Envoy link , Read
- What is envoy proxy? => L7 proxy (Application layer , reverse proxy[sits b/w client and server, where as proxy sits b/w client and internet for controlling access to specif website]) deals with application specific protocols like gRPC, HTTP,WebSocket etc.Performs content aware routing ie. it can route traffic based on URL paths ,http headers ,query params or even request body content(i.e based on the content of the incoming requests rather than the low level information like IP address or ports). In contrast an L4 proxy( Nginx in TCP mode;Transport layer; handles TCP, UDP etc.) would only route traffic base on IP address and ports without understanding HTTP semantics.
- Enables load balancing , circuit breaking , rate limiting , authentication , observability , service discovery, advanced traffic control etc.
- Concepts you should know : api gateway vs sidecar (adv , disadv) Link
- Scope=> sidecar: inter service , gateway:External API
- Deployment=> sidecar: inter service , gateway:External API
- Responsibility => sidecar: Low level concerns , gateway:Higher level concerns
- Granularity => sidecar:Micro level , gateway:Macro view
- Flexibility => sidecar: Fine grained control, gateway:Diverse client needs
- Key characteristics of sidecar proxy
- co-located deployment with services
- Independent lifecycle management
- Resource efficiency
- Isolation of concerns
-
Different characteristics of sidecar proxy
- Dynamic service discovery
- Load balancing
- TLS termination
- Http/2 and gRPC proxies
- Circuit breakers
- Rate limiting
- Health check
- Staged rollout with %-based traffic split(canary releases)
- Fault injection(can deliberately inject delays or errors to test system's resilience )
- Outlier detection (can detect unhealthy endpoints and automatically eject them from LB pool)
- gRPC support
- Rich metrics
- Benefits and tradeoffs
- Simplified microservices conf
- Improved observability and monitoring
- Enhanced scalability and resilience
- Additional resource overhead
- Potential SPoF (single point of failure)
- Latency
- Complexity
- update version in build.gradle(current version is 0.0.7)
- update jar version in Dockerfile(current version is 0.0.7)
- update cloudnative image version in docker-compose file
- ./gradlew build
- docker build -t rajdeepsahoo123/cloudnative:0.0.7 .
- docker push rajdeepsahoo123/cloudnative:0.0.7
- docker-compose up --build -d
- docker-compose down
✅ Combine Circuit Breaking + Outlier Detection for improved resilience Why? If a service becomes slow or overwhelmed, Envoy will stop sending new requests to protect upstream systems Why? Outlier detection ensures traffic is redirected to healthy instances during partial failures.
✅ Use Rate Limiting to throttle abusive traffic sources Why? Rate limiting ensures fair usage and protects backend services from excessive traffic.
✅ Configure Retries with timeout limits to avoid retry storms Why? Retry policies improve reliability by giving services extra chances to recover during brief disruptions.
✅ Set Load Shedding priorities to safeguard mission-critical services Why? Prioritizing essential traffic ensures that core services remain functional during high load.
✅ Use monitoring tools (like Prometheus, Grafana, or Envoy’s admin interface) to track traffic trends and adjust limits as needed
Best For->Web server + reverse proxy + load balancing combo
Best For->High-performance load balancing and connection handling
Best For->Modern microservices architecture and service mesh solutions
L4 Traffic (Pure TCP/UDP load balancing): → HAProxy or Envoy
L7 Traffic (HTTP-aware routing, content-based switching): → Nginx, HAProxy, or Envoy
Microservices (dynamic service discovery, advanced routing): → Envoy
For further reference, please consider the following sections:
- Official Gradle documentation
- Spring Boot Gradle Plugin Reference Guide
- Create an OCI image
- Spring Boot Testcontainers support
- Spring Web
- Testcontainers
The following guides illustrate how to use some features concretely:
- Building a RESTful Web Service
- Serving Web Content with Spring MVC
- Building REST services with Spring
These additional references should also help you:
This project uses Testcontainers at development time.
Testcontainers has been configured to use the following Docker images:
Please review the tags of the used images and set them to the same as you're running in production.