A sidecar container extends and enhances the functionality of a preexisting container without changing it.
That 2nd container can do a lot of tasks, f.e. add the additional level of authorization or perform pre-processing of the request before forwarding it to the main container (decorator pattern)
Examples:
- Envoy service mesh (runs alongside every application and abstracts the network by providing common features in a platform-agnostic manner.)
- Dapr (another service mesh) - increases productivity by 20-40% with out-of-the-box features such as workflow, pub/sub, state management, secret stores, external configuration, bindings, distributed lock, and cryptography.
[1] Tin-Can Phone: Patterns To Add Authorization to legacy Apps
[2] Envoy
[3] Dapr