What Does a Service Mesh Do?
What Does a Service Mesh Do?
A service mesh is a dedicated infrastructure layer that provides features such as traffic management, service discovery, load balancing, security and observability for distributed applications, such as microservices applications deployed in Kubernetes.
In a service mesh, each service is typically deployed with a sidecar proxy, such as Envoy, which intercepts and manages network traffic to and between services. This enables service mesh platforms like Istio to provide advanced traffic routing, load balancing and failover capabilities.
Key Features of Service Mesh
Traffic Management
Service meshes provide sophisticated traffic management capabilities including:
- Advanced routing: Route traffic based on headers, paths, or other criteria
- Load balancing: Distribute traffic across multiple service instances
- Failover: Automatically redirect traffic when services become unavailable
- Traffic splitting: Gradually shift traffic between different service versions
Security
Service meshes also provide security features such as mutual TLS (mTLS) authentication and authorization, which can help secure microservices communication. They can also enforce policies such as rate limiting, circuit breaking and fault injection, which can help improve application reliability.
Observability
Observability is another key feature of the service mesh. It provides visibility into the communication between microservices, allowing developers to monitor and debug their applications more easily. Service meshes can collect and aggregate metrics, logs and traces from microservices, providing a holistic view of the application’s behavior.
Benefits for Teams
Service mesh is a powerful tool for managing distributed applications, providing platform, infosec and app teams with the flexibility, security and observability they need to build, deploy and manage modern applications.
Learn More
For more information, read our Learning Center article on service mesh and explore how service mesh can benefit your microservices architecture.
Related Resources
- What Is Istio Service Mesh? - Understanding Istio, the most popular service mesh
- What Is Envoy Proxy? - The data plane proxy used by service meshes
- What Is mTLS? - Mutual TLS authentication in service mesh
- Tetrate Service Bridge - Enterprise service mesh platform
- Tetrate Service Express - EKS-native service mesh for AWS