π Service Mesh in TuskLang - Bash Guide
Service Mesh in TuskLang - Bash Guide
π Revolutionary Service Mesh Configuration
Service mesh in TuskLang transforms your configuration files into intelligent, inter-service communication systems. No more manual service discovery or rigid routingβeverything lives in your TuskLang configuration with dynamic service discovery, intelligent traffic management, and comprehensive service observability.
> "We don't bow to any king" β TuskLang service mesh breaks free from traditional service communication constraints and brings modern microservices orchestration to your Bash applications.
π Core Service Mesh Directives
Basic Service Mesh Setup
#service-mesh: enabled # Enable service mesh
#mesh-enabled: true # Alternative syntax
#mesh-discovery: true # Enable service discovery
#mesh-routing: true # Enable traffic routing
#mesh-load-balancing: true # Enable load balancing
#mesh-circuit-breaker: true # Enable circuit breakerAdvanced Service Mesh Configuration
#mesh-observability: true # Enable observability
#mesh-security: true # Enable service security
#mesh-policy: true # Enable policy enforcement
#mesh-monitoring: true # Enable mesh monitoring
#mesh-tracing: true # Enable distributed tracing
#mesh-metrics: true # Enable service metricsπ§ Bash Service Mesh Implementation
Basic Service Mesh Manager
#!/bin/bashLoad service mesh configuration
source <(tsk load service-mesh.tsk)Service mesh configuration
MESH_ENABLED="${mesh_enabled:-true}"
MESH_DISCOVERY="${mesh_discovery:-true}"
MESH_ROUTING="${mesh_routing:-true}"
MESH_LOAD_BALANCING="${mesh_load_balancing:-true}"
MESH_CIRCUIT_BREAKER="${mesh_circuit_breaker:-true}"Service mesh manager
class ServiceMeshManager {
constructor() {
this.enabled = MESH_ENABLED
this.discovery = MESH_DISCOVERY
this.routing = MESH_ROUTING
this.loadBalancing = MESH_LOAD_BALANCING
this.circuitBreaker = MESH_CIRCUIT_BREAKER
this.services = new Map()
this.routes = new Map()
this.stats = {
service_discoveries: 0,
route_requests: 0,
circuit_breaks: 0
}
}
registerService(service) {
if (!this.discovery) return
this.services.set(service.name, {
...service,
status: 'healthy',
lastSeen: Date.now(),
endpoints: []
})
this.stats.service_discoveries++
}
discoverService(serviceName) {
if (!this.discovery) return null
const service = this.services.get(serviceName)
if (service && service.status === 'healthy') {
return service
}
return null
}
routeRequest(serviceName, request) {
if (!this.routing) return null
const service = this.discoverService(serviceName)
if (!service) return null
// Apply routing rules
const route = this.getRoute(serviceName, request)
if (route) {
this.stats.route_requests++
return this.executeRoute(route, request)
}
return null
}
getRoute(serviceName, request) {
const routes = this.routes.get(serviceName) || []
// Find matching route
for (const route of routes) {
if (this.matchesRoute(route, request)) {
return route
}
}
return null
}
matchesRoute(route, request) {
// Implementation for route matching
return true
}
executeRoute(route, request) {
// Implementation for route execution
return { success: true, data: 'response' }
}
getStats() {
return { ...this.stats }
}
}Initialize service mesh manager
const serviceMeshManager = new ServiceMeshManager()Dynamic Service Discovery
#!/bin/bashDynamic service discovery
discover_services() {
local discovery_file="/var/log/service-mesh/discovery.json"
local services=()
# Discover services from various sources
discover_docker_services
discover_kubernetes_services
discover_custom_services
# Generate discovery report
cat > "$discovery_file" << EOF
{
"timestamp": "$(date -Iseconds)",
"services": $(printf '%s\n' "${services[@]}" | jq -R . | jq -s .)
}
EOF
echo "β Service discovery completed"
}discover_docker_services() {
if command -v docker >/dev/null 2>&1; then
while IFS= read -r container; do
if [[ -n "$container" ]]; then
local service_name=$(docker inspect "$container" --format '{{.Config.Labels.service_name}}' 2>/dev/null)
local service_port=$(docker inspect "$container" --format '{{.Config.ExposedPorts}}' 2>/dev/null | grep -o '[0-9]*' | head -1)
if [[ -n "$service_name" ]] && [[ -n "$service_port" ]]; then
register_service "$service_name" "$container" "$service_port"
fi
fi
done < <(docker ps --format "{{.Names}}" | grep -v "service-mesh")
fi
}
discover_kubernetes_services() {
if command -v kubectl >/dev/null 2>&1; then
while IFS= read -r service; do
if [[ -n "$service" ]]; then
local service_name=$(echo "$service" | awk '{print $1}')
local service_port=$(echo "$service" | awk '{print $5}' | cut -d'/' -f1)
register_service "$service_name" "k8s-$service_name" "$service_port"
fi
done < <(kubectl get services --no-headers 2>/dev/null)
fi
}
discover_custom_services() {
local custom_services_file="${mesh_custom_services_file:-/etc/service-mesh/custom-services.conf}"
if [[ -f "$custom_services_file" ]]; then
while IFS= read -r service_line; do
local service_name="${service_line%:*}"
local service_config="${service_line#*:}"
IFS=',' read -r host port <<< "$service_config"
register_service "$service_name" "$host" "$port"
done < "$custom_services_file"
fi
}
register_service() {
local service_name="$1"
local host="$2"
local port="$3"
local service_file="/tmp/service_mesh_${service_name//[^a-zA-Z0-9]/_}.json"
cat > "$service_file" << EOF
{
"name": "$service_name",
"host": "$host",
"port": "$port",
"status": "healthy",
"last_seen": "$(date -Iseconds)",
"endpoints": ["$host:$port"]
}
EOF
echo "β Service registered: $service_name ($host:$port)"
}
Intelligent Traffic Routing
#!/bin/bashIntelligent traffic routing
route_traffic() {
local service_name="$1"
local request_path="$2"
local request_method="${3:-GET}"
local request_headers="${4:-}"
# Get service information
local service_info=$(get_service_info "$service_name")
if [[ -z "$service_info" ]]; then
echo "Service not found: $service_name"
return 1
fi
# Apply routing rules
local route=$(get_routing_rule "$service_name" "$request_path" "$request_method")
if [[ -n "$route" ]]; then
execute_route "$route" "$request_path" "$request_method" "$request_headers"
else
# Default routing
default_route "$service_info" "$request_path" "$request_method" "$request_headers"
fi
}get_service_info() {
local service_name="$1"
local service_file="/tmp/service_mesh_${service_name//[^a-zA-Z0-9]/_}.json"
if [[ -f "$service_file" ]]; then
cat "$service_file"
fi
}
get_routing_rule() {
local service_name="$1"
local request_path="$2"
local request_method="$3"
local routing_file="${mesh_routing_file:-/etc/service-mesh/routing.conf}"
if [[ -f "$routing_file" ]]; then
while IFS= read -r rule_line; do
IFS='|' read -r service pattern method target <<< "$rule_line"
if [[ "$service" == "$service_name" ]] && \
[[ "$request_path" =~ $pattern ]] && \
[[ "$request_method" == "$method" ]]; then
echo "$target"
return 0
fi
done < "$routing_file"
fi
return 1
}
execute_route() {
local route="$1"
local request_path="$2"
local request_method="$3"
local request_headers="$4"
echo "Executing route: $route"
# Parse route configuration
IFS=':' read -r target_host target_port <<< "$route"
# Forward request
forward_request "$target_host" "$target_port" "$request_path" "$request_method" "$request_headers"
}
default_route() {
local service_info="$1"
local request_path="$2"
local request_method="$3"
local request_headers="$4"
# Extract service details
local host=$(echo "$service_info" | jq -r '.host')
local port=$(echo "$service_info" | jq -r '.port')
# Forward request to default endpoint
forward_request "$host" "$port" "$request_path" "$request_method" "$request_headers"
}
forward_request() {
local host="$1"
local port="$2"
local path="$3"
local method="$4"
local headers="$5"
echo "Forwarding $method request to $host:$port$path"
# Use curl to forward request
local curl_cmd="curl -s -X $method"
# Add headers if provided
if [[ -n "$headers" ]]; then
IFS=',' read -ra header_array <<< "$headers"
for header in "${header_array[@]}"; do
curl_cmd="$curl_cmd -H '$header'"
done
fi
# Execute request
eval "$curl_cmd 'http://$host:$port$path'"
}
Circuit Breaker Pattern
#!/bin/bashCircuit breaker pattern
circuit_breaker() {
local service_name="$1"
local command="$2"
local failure_threshold="${3:-5}"
local timeout="${4:-60}"
local breaker_file="/tmp/circuit_breaker_${service_name//[^a-zA-Z0-9]/_}.json"
# Check circuit breaker state
if [[ -f "$breaker_file" ]]; then
local state=$(jq -r '.state' "$breaker_file" 2>/dev/null)
local last_failure=$(jq -r '.last_failure' "$breaker_file" 2>/dev/null)
local failure_count=$(jq -r '.failure_count' "$breaker_file" 2>/dev/null)
case "$state" in
"open")
# Check if timeout has passed
local current_time=$(date +%s)
local failure_time=$(date -d "$last_failure" +%s 2>/dev/null || echo 0)
if [[ $((current_time - failure_time)) -gt $timeout ]]; then
echo "Circuit breaker timeout passed, attempting operation..."
set_circuit_breaker_state "$service_name" "half_open"
else
echo "Circuit breaker is open, operation blocked"
return 1
fi
;;
"half_open")
echo "Circuit breaker is half-open, attempting operation..."
;;
"closed")
echo "Circuit breaker is closed, proceeding with operation..."
;;
esac
else
# Initialize circuit breaker
set_circuit_breaker_state "$service_name" "closed"
fi
# Execute command
if eval "$command"; then
# Success - close circuit breaker
set_circuit_breaker_state "$service_name" "closed"
echo "β Operation succeeded, circuit breaker closed"
return 0
else
# Failure - update circuit breaker
local current_failures=$((failure_count + 1))
if [[ $current_failures -ge $failure_threshold ]]; then
set_circuit_breaker_state "$service_name" "open"
echo "β Circuit breaker opened due to $current_failures failures"
else
set_circuit_breaker_state "$service_name" "closed" "$current_failures"
echo "β Operation failed, failure count: $current_failures"
fi
return 1
fi
}set_circuit_breaker_state() {
local service_name="$1"
local state="$2"
local failure_count="${3:-0}"
local breaker_file="/tmp/circuit_breaker_${service_name//[^a-zA-Z0-9]/_}.json"
cat > "$breaker_file" << EOF
{
"service": "$service_name",
"state": "$state",
"failure_count": $failure_count,
"last_failure": "$(date -Iseconds)",
"last_updated": "$(date -Iseconds)"
}
EOF
}
Service Mesh Observability
#!/bin/bashService mesh observability
mesh_observability() {
local observability_file="/var/log/service-mesh/observability.json"
# Collect mesh metrics
local total_services=$(get_total_services)
local healthy_services=$(get_healthy_services)
local total_requests=$(get_total_requests)
local failed_requests=$(get_failed_requests)
local average_response_time=$(get_average_response_time)
# Generate observability report
cat > "$observability_file" << EOF
{
"timestamp": "$(date -Iseconds)",
"total_services": $total_services,
"healthy_services": $healthy_services,
"unhealthy_services": $((total_services - healthy_services)),
"health_percentage": $((healthy_services * 100 / total_services)),
"total_requests": $total_requests,
"failed_requests": $failed_requests,
"success_rate": $(((total_requests - failed_requests) * 100 / total_requests)),
"average_response_time_ms": $average_response_time
}
EOF
echo "β Service mesh observability completed"
}get_total_services() {
find /tmp -name "service_mesh_*.json" -type f | wc -l
}
get_healthy_services() {
local healthy_count=0
while IFS= read -r service_file; do
if [[ -f "$service_file" ]]; then
local status=$(jq -r '.status' "$service_file" 2>/dev/null)
if [[ "$status" == "healthy" ]]; then
healthy_count=$((healthy_count + 1))
fi
fi
done < <(find /tmp -name "service_mesh_*.json" -type f)
echo "$healthy_count"
}
get_total_requests() {
local request_log="/var/log/service-mesh/requests.log"
if [[ -f "$request_log" ]]; then
wc -l < "$request_log"
else
echo "0"
fi
}
get_failed_requests() {
local request_log="/var/log/service-mesh/requests.log"
if [[ -f "$request_log" ]]; then
grep -c "FAILED" "$request_log" 2>/dev/null || echo "0"
else
echo "0"
fi
}
get_average_response_time() {
local request_log="/var/log/service-mesh/requests.log"
if [[ -f "$request_log" ]]; then
local total_time=0
local request_count=0
while IFS= read -r log_line; do
local response_time=$(echo "$log_line" | grep -o 'response_time=[0-9]*' | cut -d'=' -f2)
if [[ -n "$response_time" ]]; then
total_time=$((total_time + response_time))
request_count=$((request_count + 1))
fi
done < "$request_log"
if [[ $request_count -gt 0 ]]; then
echo $((total_time / request_count))
else
echo "0"
fi
else
echo "0"
fi
}
Service Mesh Security
#!/bin/bashService mesh security
mesh_security() {
local security_file="/var/log/service-mesh/security.json"
# Collect security metrics
local authenticated_requests=$(get_authenticated_requests)
local unauthorized_requests=$(get_unauthorized_requests)
local encrypted_connections=$(get_encrypted_connections)
local security_violations=$(get_security_violations)
# Generate security report
cat > "$security_file" << EOF
{
"timestamp": "$(date -Iseconds)",
"authenticated_requests": $authenticated_requests,
"unauthorized_requests": $unauthorized_requests,
"encrypted_connections": $encrypted_connections,
"security_violations": $security_violations,
"security_score": "$(calculate_security_score $authenticated_requests $unauthorized_requests)"
}
EOF
echo "β Service mesh security completed"
}get_authenticated_requests() {
local request_log="/var/log/service-mesh/requests.log"
if [[ -f "$request_log" ]]; then
grep -c "AUTHENTICATED" "$request_log" 2>/dev/null || echo "0"
else
echo "0"
fi
}
get_unauthorized_requests() {
local request_log="/var/log/service-mesh/requests.log"
if [[ -f "$request_log" ]]; then
grep -c "UNAUTHORIZED" "$request_log" 2>/dev/null || echo "0"
else
echo "0"
fi
}
get_encrypted_connections() {
local connection_log="/var/log/service-mesh/connections.log"
if [[ -f "$connection_log" ]]; then
grep -c "ENCRYPTED" "$connection_log" 2>/dev/null || echo "0"
else
echo "0"
fi
}
get_security_violations() {
local security_log="/var/log/service-mesh/security.log"
if [[ -f "$security_log" ]]; then
wc -l < "$security_log"
else
echo "0"
fi
}
calculate_security_score() {
local authenticated="$1"
local unauthorized="$2"
local total_requests=$((authenticated + unauthorized))
if [[ $total_requests -gt 0 ]]; then
local security_percentage=$((authenticated * 100 / total_requests))
if [[ $security_percentage -ge 95 ]]; then
echo "excellent"
elif [[ $security_percentage -ge 80 ]]; then
echo "good"
elif [[ $security_percentage -ge 60 ]]; then
echo "fair"
else
echo "poor"
fi
else
echo "unknown"
fi
}
π― Real-World Configuration Examples
Complete Service Mesh Configuration
service-mesh-config.tsk
service_mesh_config:
enabled: true
discovery: true
routing: true
load_balancing: true
circuit_breaker: true#service-mesh: enabled
#mesh-enabled: true
#mesh-discovery: true
#mesh-routing: true
#mesh-load-balancing: true
#mesh-circuit-breaker: true
#mesh-observability: true
#mesh-security: true
#mesh-policy: true
#mesh-monitoring: true
#mesh-tracing: true
#mesh-metrics: true
#mesh-config:
discovery:
enabled: true
sources:
- "docker"
- "kubernetes"
- "custom"
interval: 30
routing:
enabled: true
rules_file: "/etc/service-mesh/routing.conf"
default_policy: "allow"
load_balancing:
enabled: true
algorithm: "round-robin"
health_check: true
circuit_breaker:
enabled: true
failure_threshold: 5
timeout: 60
half_open_requests: 3
observability:
enabled: true
metrics:
- "request_count"
- "response_time"
- "error_rate"
tracing: true
logging: true
security:
enabled: true
authentication: true
authorization: true
encryption: true
mTLS: true
policy:
enabled: true
rules_file: "/etc/service-mesh/policy.conf"
enforcement: "strict"
monitoring:
enabled: true
interval: 60
alerts: true
Multi-Service Mesh
multi-service-mesh.tsk
multi_service_mesh:
meshes:
- name: frontend-mesh
discovery: true
routing: true
- name: backend-mesh
discovery: true
routing: true
- name: database-mesh
discovery: true
routing: false#mesh-frontend: enabled
#mesh-backend: enabled
#mesh-database: enabled
#mesh-config:
meshes:
frontend_mesh:
discovery: true
routing: true
load_balancing: true
services:
- "web-ui"
- "api-gateway"
backend_mesh:
discovery: true
routing: true
load_balancing: true
services:
- "user-service"
- "order-service"
- "payment-service"
database_mesh:
discovery: true
routing: false
load_balancing: false
services:
- "user-db"
- "order-db"
π¨ Troubleshooting Service Mesh
Common Issues and Solutions
1. Service Discovery Issues
Debug service discovery
debug_service_discovery() {
echo "Debugging service discovery..."
discover_services
echo "Service discovery debug completed"
}2. Routing Issues
Debug routing
debug_routing() {
local service_name="$1"
local request_path="$2"
echo "Debugging routing for $service_name:$request_path"
route_traffic "$service_name" "$request_path"
}π Security Best Practices
Service Mesh Security Checklist
Security validation
validate_service_mesh_security() {
echo "Validating service mesh security configuration..."
# Check mTLS
if [[ "${mesh_mtls}" == "true" ]]; then
echo "β mTLS enabled"
else
echo "β mTLS not enabled"
fi
# Check authentication
if [[ "${mesh_authentication}" == "true" ]]; then
echo "β Service authentication enabled"
else
echo "β Service authentication not enabled"
fi
# Check authorization
if [[ "${mesh_authorization}" == "true" ]]; then
echo "β Service authorization enabled"
else
echo "β Service authorization not enabled"
fi
}π Performance Optimization Tips
Service Mesh Performance Checklist
Performance validation
validate_service_mesh_performance() {
echo "Validating service mesh performance configuration..."
# Check discovery interval
local discovery_interval="${mesh_discovery_interval:-30}" # seconds
if [[ "$discovery_interval" -ge 10 ]]; then
echo "β Reasonable discovery interval ($discovery_interval s)"
else
echo "β Frequent discovery may impact performance ($discovery_interval s)"
fi
# Check circuit breaker
if [[ "${mesh_circuit_breaker}" == "true" ]]; then
echo "β Circuit breaker enabled"
else
echo "β Circuit breaker not enabled"
fi
# Check observability
if [[ "${mesh_observability}" == "true" ]]; then
echo "β Observability enabled"
else
echo "β Observability not enabled"
fi
}π― Next Steps
- Service Mesh Optimization: Learn about advanced service mesh optimization - Service Mesh Visualization: Create service mesh visualization dashboards - Service Mesh Correlation: Implement service mesh correlation and alerting - Service Mesh Compliance: Set up service mesh compliance and auditing
---
Service mesh transforms your TuskLang configuration into an intelligent, inter-service communication system. It brings modern microservices orchestration to your Bash applications with dynamic discovery, intelligent routing, and comprehensive observability!