![]() There are a lot of decisions you need to make but in short, yes, it is possible to do this separation, and your entire application will have to be designed in this way. I hope this somewhat answers your question. (k8s clusters can typically scale to 1000s of nodes). This will be a very important cost factor and you should consider using a single cluster for your application. For example, if a dedicated database instance crashed, the event streaming service will still be running.Īlso understand that in a public cloud solution (even EKS) a cluster->cluster traffic is more expensive for you than the traffic inside a single cluster. You can use different instance types that match your various workload types, this will not only ensure optimal performance but also separation of failure domains.At one level below, in your cloud, you can limit the traffic using security groups.By using separate namespaces for your application services as necessary for better isolation.You will require a networking overlay that supports these. By using network policies to restrict unauthorized traffic flow between microservices.By using authentication and authorization mechanisms to ensure authorized communication between control and data plane applications.There are many ways in which you can do it (most/all of them are available in all public clouds). ![]() You will need to architect your application in a manner that your control microservices are isolated from your data microservices. If those 3 points above are true, then the answer is yes, every cloud platform has these capabilities. You want a separation of the APPLICATION control plane (decision making components like authentication APIs, internal service routing) from the APPLICATION data plane (the serving of your application data to the clients through the egress). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |