I know how to use Kuma or Istio as Service Mesh and inject one SideCar proxy into one existing SpringBoot Application or any other Application but can we inject one SpringBoot application as SideCar Proxy into another SpringBoot Application.

The context is, lets say SideCar Proxy SpringBoot application might be having basic things (i.e Authentication, Security Policy or any other type of policy etc) which might be required in main SpringBoot Service. And the same SideCar proxy application can be injected into any other application.

Question might sound little vague but I can provide more details on it if anything is not clear or confusing.

Thanks

2

There are 2 answers

1
austin_ce On

To my knowledge, this is not possible in Kuma or any other service mesh. I believe what you are asking for is the ability to customize/replace the proxy used by the service mesh. In the case of Kuma and Istio, which use Envoy as the sidecar proxy, you would need to reimplement most of Envoy in your Springboot application.

I think you are better off trying to move the logic in your SpringBoot "sidecar" into either Kuma policies or into some gateway. Apache APISIX, for example, has support for Java plugins.

4
Igor Kanshyn On

I am not sure that I have got the question correctly. It looks like you need to have two SpringBoot applications, one will be the main app, and the other will be a sidecar for it. That does not sound like an unusual thing.

Here is a sample of Kubernetes deployment.yaml you might have:

apiVersion: apps/v1
kind: Deployment
metadata:
 name: sidecar-deployment
 labels:
   role: app
spec:
 replicas: 1
 selector:
   matchLabels:
     role: app
 template:
   metadata:
     labels:
       role: app
   spec:
     volumes:
     - name: shared-data
       emptyDir: {}
     containers:
     - name: mainapp
       image: "dokerhubuser/mainapp"
       volumeMounts:
       - name: shared-data
         mountPath: /usr/share/mainapp-folder
       ports:
       - containerPort: 8080
     - name: sidecar
       image: "dokerhubuser/sidecar"
       volumeMounts:
       - name: shared-data
         mountPath: /usr/share/sidecar-folder
       ports:
       - containerPort: 8888

Look here for more details about this yaml file: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/

This is very basic. The main point is that the sidecar is a second container on the same deployment.

They will share the same filesystem. Sidecar app can be addressed via localhost: (e.g. HTTP://localhost:8888 in our case)