AWS App Mesh vs Kubernetes


AWS App Mesh vs Kubernetes: What are the differences?

Key Differences Between AWS App Mesh and Kubernetes

Introduction

Below are the key differences between AWS App Mesh and Kubernetes.

  1. Service Architecture: AWS App Mesh is a service mesh that provides control over communication between services within an application, allowing for observability, traffic management, and security. Kubernetes, on the other hand, is a container orchestration platform that manages the deployment, scaling, and operations of containers in a cluster.

  2. Platform Support: AWS App Mesh is a platform-agnostic service mesh and can work with any container orchestration platform, including Kubernetes. It allows users to connect and manage services across different platforms seamlessly. Kubernetes, on the other hand, is a specific platform for container orchestration and does not directly support other platforms.

  3. Traffic Routing: AWS App Mesh offers advanced traffic routing capabilities, such as weighted routing, circuit breaking, and retries. It allows fine-grained control over how traffic is routed between services within an application. In Kubernetes, traffic routing is primarily handled through its built-in load balancing and service discovery mechanisms, which may not provide the same level of flexibility and control as AWS App Mesh.

  4. Observability: AWS App Mesh provides built-in observability features like metrics, logs, and distributed tracing, which give developers insights into the behavior and performance of their applications. Kubernetes, on the other hand, does not offer these features out of the box. Observability in Kubernetes requires additional tools and configurations.

  5. Security and Authorization: AWS App Mesh offers features like encryption, certificate management, and mutual TLS authentication to secure communication between services. It also supports fine-grained access control policies using AWS Identity and Access Management (IAM) roles. While Kubernetes provides some security features, such as authentication and authorization, it may require additional configuration to achieve the same level of security as AWS App Mesh.

  6. Scalability and Autoscaling: AWS App Mesh offers automatic scaling of services based on custom metrics and thresholds. It can automatically scale services up or down based on demand. Kubernetes also supports autoscaling, but its capabilities may not be as advanced as those provided by AWS App Mesh.

In summary, AWS App Mesh and Kubernetes differ in their service architecture, platform support, traffic routing capabilities, observability features, security and authorization mechanisms, and scalability/autoscaling capabilities.

Advice on AWS App Mesh and Kubernetes
Mohammed Shurrab needs advice on AWS App Mesh and Kuma

One of our applications is currently migrating to AWS, and we need to make a decision between using AWS API Gateway with AWS App Mesh, or Kong API Gateway with Kuma.

Some people advise us to benefit from AWS managed services, while others raise the vendor lock issue. So, I need your advice on that, and on whether there is any other important factor other than vendor locking that I must take into consideration.

Replies (2)
Recommends Kuma

The benefits of using Kuma + Kong Gateway are:

  • Feature-set: Kong + Kuma provide an end-to-end solution for both APIM and Service Mesh with a feature-set, and a performance, that is not matched by AWS services. In addition to this you can extend Kong Gateway with 70+ plugins out of the box and choose between 500+ plugins from the community to cover every use-case. In comparison, the feature-set of AWS API Gateway is quite limited and basic.
  • Performance: Especially in the case of Kong Gateway, performance has always been a top priority for the project (more performance delivers more reliable applications). In some benchmarks the latency added by AWS API Gateway can be 200x more than what you would achieve with Kong Gateway natively, which has been hand-crafted for maximum throughput.
  • Cost: While cloud vendors like AWS make it very easy to get up and running with their services at a lower initial cost, that cost ramps up very quickly (exponentially) as the number of requests increases. With Kong GW you don't have this problem, since you can run tens of thousands of concurrent requests on a small EC2 instance (or Kubernetes Ingress, via the native K8s ingress controller for Kong Gateway).
  • Portability: You can replicate your infrastructure on any other cloud, or on your development machines with ease. Want to run your gateway + mesh on your local Kubernetes cluster? You can do that. Want to run your infrastructure on another cloud provider? You can do that. Strategically you have full ownership of your infrastructure and its future. When it comes to Kuma, you can also run a Mesh on VM-based workloads in addition to Kubernetes (Kuma is universal).
  • And much more.

Disclaimer: I am the CTO of Kong.

Amarnath RC
Program Architect at Mindtree · 2 upvotes · 34.4K views
Recommends AWS App Mesh

AWS App Mesh is useful when your microservices are deployed across EC2, EKS or ECS. Assume you are in the process of migrating microservices from EC2 instances to ECS; it's easy to switch using the Virtual router configuration. As App Mesh is a managed service and easy to bring up, it's worth giving it a try for your use case before choosing Kuma or any other tool.

Decisions about AWS App Mesh and Kubernetes
Simon Reymann
Senior Fullstack Developer at QUANTUSflow Software GmbH · 30 upvotes · 8.8M views

Our whole DevOps stack consists of the following tools:

  • GitHub (incl. GitHub Pages/Markdown for Documentation, GettingStarted and HowTo's) for collaborative review and code management tool
  • Respectively Git as revision control system
  • SourceTree as Git GUI
  • Visual Studio Code as IDE
  • CircleCI for continuous integration (automatize development process)
  • Prettier / TSLint / ESLint as code linter
  • SonarQube as quality gate
  • Docker as container management (incl. Docker Compose for multi-container application management)
  • VirtualBox for operating system simulation tests
  • Kubernetes as cluster management for docker containers
  • Heroku for deploying in test environments
  • nginx as web server (preferably used as facade server in production environment)
  • SSLMate (using OpenSSL) for certificate management
  • Amazon EC2 (incl. Amazon S3) for deploying in stage (production-like) and production environments
  • PostgreSQL as preferred database system
  • Redis as preferred in-memory database/store (great for caching)

The main reason we have chosen Kubernetes over Docker Swarm is related to the following artifacts:

  • Key features: Easy and flexible installation, Clear dashboard, Great scaling operations, Monitoring is an integral part, Great load balancing concepts, Monitors the condition and ensures compensation in the event of failure.
  • Applications: An application can be deployed using a combination of pods, deployments, and services (or micro-services).
  • Functionality: Kubernetes has a complex installation and setup process, but it is not as limited as Docker Swarm.
  • Monitoring: It supports multiple versions of logging and monitoring when the services are deployed within the cluster (Elasticsearch/Kibana (ELK), Heapster/Grafana, Sysdig cloud integration).
  • Scalability: All-in-one framework for distributed systems.
  • Other Benefits: Kubernetes is backed by the Cloud Native Computing Foundation (CNCF), huge community among container orchestration tools, it is an open source and modular tool that works with any OS.
Pros of AWS App Mesh

  • No pros listed

Pros of Kubernetes (with upvote counts)

  • Leading docker container management solution (164)
  • Simple and powerful (128)
  • Open source (106)
  • Backed by google (76)
  • The right abstractions (58)
  • Scale services (25)
  • Replication controller (20)
  • Permission management (11)
  • Supports autoscaling (9)
  • Cheap (8)
  • Simple (8)
  • Self-healing (6)
  • No cloud platform lock-in (5)
  • Promotes modern/good infrastructure practice (5)
  • Open, powerful, stable (5)
  • Reliable (5)
  • Scalable (4)
  • Quick cloud setup (4)
  • Cloud Agnostic (3)
  • Captain of Container Ship (3)
  • A self healing environment with rich metadata (3)
  • Runs on azure (3)
  • Backed by Red Hat (3)
  • Custom and extensibility (3)
  • Sfg (2)
  • Gke (2)
  • Everything of CaaS (2)
  • Golang (2)
  • Easy setup (2)
  • Expandable (2)


Cons of AWS App Mesh

  • No cons listed

Cons of Kubernetes (with upvote counts)

  • Steep learning curve (16)
  • Poor workflow for development (15)
  • Orchestrates only infrastructure (8)
  • High resource requirements for on-prem clusters (4)
  • Too heavy for simple systems (2)
  • Additional vendor lock-in (Docker) (1)
  • More moving parts to secure (1)
  • Additional Technology Overhead (1)


      What is AWS App Mesh?

      AWS App Mesh is a service mesh based on the Envoy proxy that makes it easy to monitor and control containerized microservices. App Mesh standardizes how your microservices communicate, giving you end-to-end visibility and helping to ensure high-availability for your applications. App Mesh gives you consistent visibility and network traffic controls for every microservice in an application. You can use App Mesh with Amazon ECS (using the Amazon EC2 launch type), Amazon EKS, and Kubernetes on AWS.

      What is Kubernetes?

      Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users' declared intentions.

      What are some alternatives to AWS App Mesh and Kubernetes?
      Istio
      Istio is an open platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Istio's control plane provides an abstraction layer over the underlying cluster management platform, such as Kubernetes, Mesos, etc.
      Consul
      Consul is a tool for service discovery and configuration. Consul is distributed, highly available, and extremely scalable.
      Envoy
      Originally built at Lyft, Envoy is a high performance C++ distributed proxy designed for single services and applications, as well as a communication bus and “universal data plane” designed for large microservice “service mesh” architectures.
      linkerd
      linkerd is an out-of-process network stack for microservices. It functions as a transparent RPC proxy, handling everything needed to make inter-service RPC safe and sane--including load-balancing, service discovery, instrumentation, and routing.
      Zuul
      It is the front door for all requests from devices and websites to the backend of the Netflix streaming application. As an edge service application, it is built to enable dynamic routing, monitoring, resiliency, and security. Routing is an integral part of a microservice architecture.