← Back to Blog
ARCHITECTURE

What Is a Service Mesh? Istio & Microservice Networking

F. Çağrı BilgehanFebruary 2, 202610 min read
service meshistiomicroserviceskubernetes

What Is a Service Mesh? Microservice Networking Guide

Is communication between your microservices getting complex? Adding retry, timeout, and circuit breaker logic to every service? Service Mesh extracts this infrastructure into a dedicated network layer.

What Is a Service Mesh?

A service mesh is an infrastructure layer that manages network communication between microservices. It adds a sidecar proxy next to each service, providing traffic management, security, and observability without touching business logic.

Without mesh: Service A ──(retry, timeout, TLS code)──→ Service B
With mesh:    Service A → [Envoy] ──→ [Envoy] → Service B
                          (automatic retry, mTLS)

Key Components

Data Plane

Sidecar proxies (usually Envoy) intercept all network traffic.

Control Plane

Central management (Istiod) that configures and coordinates proxies.

Istio Traffic Management

Canary Deployment

http:
  - route:
      - destination: { host: my-app, subset: v1 }
        weight: 90
      - destination: { host: my-app, subset: v2 }
        weight: 10

Retry & Timeout

retries:
  attempts: 3
  perTryTimeout: 2s
timeout: 10s

Circuit Breaker

outlierDetection:
  consecutive5xxErrors: 5
  interval: 30s
  baseEjectionTime: 60s

mTLS

Service mesh automatically encrypts all service-to-service traffic with mutual TLS. Certificate generation, distribution, and rotation are automatic.

Service Mesh Tools

| Tool | Proxy | Highlights | |------|-------|-----------| | Istio | Envoy | Most popular, feature-rich | | Linkerd | Rust proxy | Lightweight, simple | | Consul Connect | Envoy | Multi-platform |

When to Use

✅ 10+ microservices | ✅ mTLS required | ✅ Canary deployments | ✅ Distributed tracing

❌ Few services (<5) | ❌ Monolithic architecture | ❌ Resource-constrained

Best Practices

  1. Adopt gradually — Start with observability, then traffic management
  2. Set sidecar resource limits — Each proxy consumes CPU/RAM
  3. Enforce mTLS — Use STRICT mode
  4. Integrate tracing — Jaeger/Zipkin for distributed tracing

Conclusion

Service mesh abstracts network complexity in microservice architectures, centralizing security, traffic management, and observability. But it adds complexity and resource cost — make sure you truly need it.

Learn service mesh and microservice architecture on LabLudus.

Related Posts

What Is a Message Queue? Async Communication with RabbitMQ & Kafka

Message queues explained: RabbitMQ, Apache Kafka, async architecture, pub/sub patterns, and event-driven design for scalable systems.

What Is Software Architecture? A Comprehensive Guide

What is software architecture, why does it matter, and how do you learn it? A deep dive into architectural patterns, quality attributes, and the architect's career path.