Bird
Raised Fist0
Microservicessystem_design~10 mins

Sidecar proxy pattern in Microservices - Scalability & System Analysis

Choose your learning style10 modes available
LearnWhyDeepArchPracticeChallengeDesignRecallScale

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Scalability Analysis - Sidecar proxy pattern
Growth Table: Sidecar Proxy Pattern Scaling
Users / TrafficWhat Changes?
100 usersSingle instance of each microservice with one sidecar proxy each. Low network overhead. Simple deployment.
10,000 usersMultiple microservice instances with sidecars. Increased network traffic between proxies. Sidecars handle service discovery and retries.
1,000,000 usersMany microservice replicas and sidecars. Sidecars add CPU and memory overhead per instance. Network traffic between proxies grows significantly. Observability data volume increases.
100,000,000 usersThousands of microservice instances and sidecars. Sidecar resource usage becomes significant. Network bandwidth and proxy coordination (e.g., service mesh control plane) become bottlenecks.
First Bottleneck

The first bottleneck is the sidecar proxy resource overhead on each microservice instance. Each sidecar consumes CPU, memory, and network bandwidth. As instances scale, the cumulative resource use grows, potentially limiting how many microservice instances can run on a host.

Scaling Solutions
  • Horizontal scaling: Add more hosts to distribute microservice instances and their sidecars, reducing resource contention.
  • Optimize sidecar resource usage: Tune sidecar configurations to reduce CPU/memory footprint.
  • Use lightweight proxies: Choose efficient sidecar implementations to minimize overhead.
  • Service mesh control plane scaling: Scale control plane components horizontally to handle increased proxy coordination.
  • Caching and connection pooling: Sidecars can cache service discovery info and reuse connections to reduce network load.
  • Network infrastructure: Use high bandwidth and low latency networks to handle proxy-to-proxy communication.
Back-of-Envelope Cost Analysis
  • Assuming 1,000 microservice instances, each with 1 sidecar proxy.
  • Each sidecar handles ~1,000 concurrent connections.
  • At 1 million users, if each user generates 1 request per second, total requests = 1,000,000 QPS.
  • Each sidecar handles ~1,000 QPS, so need ~1,000 sidecars (matches instances).
  • Network bandwidth per sidecar depends on request size; e.g., 1 KB/request -> 1 MB/s per sidecar.
  • Total bandwidth ~1 GB/s aggregate across all sidecars.
  • CPU and memory per sidecar must be provisioned to handle peak load without latency increase.
Interview Tip

Start by explaining what the sidecar proxy pattern is and why it is used (e.g., to add networking features like retries, security, and observability without changing the microservice code). Then discuss how resource overhead grows with scale and identify the first bottleneck (sidecar resource use). Finally, propose targeted scaling solutions like horizontal scaling, proxy optimization, and control plane scaling. Use clear examples and numbers to support your points.

Self Check

Your sidecars handle 1000 QPS. Traffic grows 10x. What do you do first?

Answer: Since traffic grows 10x, the sidecar proxy resource overhead will be the first bottleneck. The first action is to horizontally scale by adding more microservice instances and their sidecars, and optimize sidecar configurations to reduce CPU/memory footprint before considering other scaling steps.

Key Result
Sidecar proxies add resource overhead per microservice instance, making proxy resource usage the first bottleneck as system scales; horizontal scaling and proxy optimization are key solutions.

Practice

(1/5)
1. What is the main purpose of the sidecar proxy pattern in microservices architecture?
easy
A. To handle database transactions directly
B. To replace the main service with a proxy for better performance
C. To store data separately from the main service
D. To add features like communication and security without changing the service code

Solution

  1. Step 1: Understand the role of sidecar proxy

    The sidecar proxy runs alongside the main service to add extra features such as communication handling, security, and monitoring.

  2. Step 2: Identify what it does not do

    It does not replace the service, store data, or handle database transactions directly.

  3. Final Answer:

    To add features like communication and security without changing the service code -> Option D

  4. Quick Check:

    Sidecar proxy adds features without changing service code = D [OK]
Hint: Sidecar adds features beside service, not inside it [OK]
Common Mistakes:
  • Thinking sidecar replaces the main service
  • Confusing sidecar with database or storage
  • Assuming sidecar handles business logic
2. Which of the following is the correct way to describe the deployment of a sidecar proxy in a microservices environment?
easy
A. Deployed alongside the main service in the same environment or container
B. Deployed as a separate service on a different server
C. Deployed inside the main service codebase
D. Deployed only on the client side

Solution

  1. Step 1: Understand sidecar deployment

    The sidecar proxy runs alongside the main service, usually in the same environment or container, to intercept and manage traffic.

  2. Step 2: Eliminate incorrect options

    It is not deployed as a separate service on a different server, nor inside the main service code, nor only on the client side.

  3. Final Answer:

    Deployed alongside the main service in the same environment or container -> Option A

  4. Quick Check:

    Sidecar runs alongside service = A [OK]
Hint: Sidecar runs side-by-side, not separately or inside code [OK]
Common Mistakes:
  • Thinking sidecar is a separate remote service
  • Confusing sidecar with code library inside service
  • Assuming sidecar runs only on client machines
3. Consider this simplified request flow in a microservice using a sidecar proxy: 
Client -> Sidecar Proxy -> Service -> Sidecar Proxy -> Client
What is the main benefit of this flow?
medium
A. The sidecar proxy can handle retries, security checks, and logging without changing the service
B. The service can directly communicate with the client without any proxy
C. The sidecar proxy replaces the service logic for faster processing
D. The client bypasses the sidecar proxy for faster response

Solution

  1. Step 1: Analyze the request flow with sidecar proxy

    The sidecar proxy intercepts requests and responses, allowing it to add features like retries, security checks, and logging transparently.

  2. Step 2: Understand the benefit of this interception

    This keeps the service code simple and focused on business logic, while the sidecar handles cross-cutting concerns.

  3. Final Answer:

    The sidecar proxy can handle retries, security checks, and logging without changing the service -> Option A

  4. Quick Check:

    Sidecar manages extra tasks transparently = A [OK]
Hint: Sidecar handles extras, service stays simple [OK]
Common Mistakes:
  • Thinking sidecar replaces service logic
  • Assuming client talks directly to service
  • Believing sidecar slows down response by bypassing
4. A developer notices that the sidecar proxy is not forwarding requests to the main service correctly. Which of the following is the most likely cause?
medium
A. The main service code has a syntax error
B. The client is not sending requests
C. The sidecar proxy configuration is missing the service's local address
D. The database is down

Solution

  1. Step 1: Identify sidecar proxy forwarding issue

    If the sidecar proxy does not forward requests, it is often due to incorrect or missing configuration about where the main service is located.

  2. Step 2: Rule out unrelated causes

    Syntax errors in service code, client not sending requests, or database issues do not directly cause proxy forwarding failures.

  3. Final Answer:

    The sidecar proxy configuration is missing the service's local address -> Option C

  4. Quick Check:

    Proxy forwarding fails if service address missing = B [OK]
Hint: Check proxy config for service address first [OK]
Common Mistakes:
  • Blaming service code syntax errors
  • Assuming client or database issues cause proxy failure
  • Ignoring proxy configuration details
5. You want to add monitoring and security features to multiple microservices without changing their code. How does the sidecar proxy pattern help solve this problem at scale?
hard
A. By centralizing monitoring and security in a single proxy for all services
B. By deploying a sidecar proxy with each service instance to handle monitoring and security independently
C. By rewriting each service to include monitoring and security code
D. By removing proxies and letting clients handle monitoring

Solution

  1. Step 1: Understand scaling with sidecar proxies

    Deploying a sidecar proxy alongside each service instance allows independent handling of monitoring and security without modifying service code.

  2. Step 2: Compare with other options

    Rewriting services is costly and error-prone; centralizing in one proxy creates a bottleneck; removing proxies loses control.

  3. Final Answer:

    By deploying a sidecar proxy with each service instance to handle monitoring and security independently -> Option B

  4. Quick Check:

    Sidecar per service instance scales features independently = C [OK]
Hint: Sidecar per service instance scales features well [OK]
Common Mistakes:
  • Thinking one proxy can handle all services centrally
  • Assuming code changes are needed for features
  • Ignoring scalability and bottleneck issues