Service Mesh

Enable microservices with reliable, secure, and scalable communications

So what is a service mesh?

A service mesh is an infrastructure layer that abstracts application networking from the business logic of your application services. A service mesh can provide a configurable network layer for communication between services using their APIs. Communication between the application services are facilitated through the sidecar proxies forming the data plane, and that communication is managed through the service mesh’s control plane. Service mesh technologies include Istio, Linkerd, AWS App Mesh, HashiCorp Consul Connect, Open Service Mesh, and these kinds of mesh services are often built on the Envoy Proxy

 

Why do you need a service mesh?

The rising popularity of microservices and container orchestration (like Docker and Kubernetes) creates a new challenge for service-to-service communication. These microservices are comprised of potentially hundreds of loosely coupled services that are dynamic, ephemeral, and distributed making the network between them critical to the application service. 

And a service mesh can help bridge that communication gap.

Unlike monolithic applications that usually direct incoming traffic to a single application instance, microservices need to handle incoming traffic to many application instances and manage the traffic between the services. Incoming traffic to the cluster is often called north-south while the service-to-service communication within the cluster is called east-west. A service mesh enables and manages the east-west communications. 

 

What can you do with a service mesh?

A service mesh solves challenges in building and operating microservices applications by managing networking and providing insight and control into your distributed application’s behavior. A service mesh provides functionality including service discovery, client-side load balancing, timeouts, retries, and circuit breaking, which all work regardless of their application service framework or language. A service mesh also provides a set of networking controls over traffic routing, policy enforcement, strong identity (authentication and authorization), and security (encryption, mTLS). You can extend new functionality to your applications through the service mesh. Examples of extensibility include progressive delivery, chaos engineering, and operators for automating your service mesh’s behavior.

Challenge

Organizations looking to adopt microservices and service meshes are faced with choices in mesh providers and often need to build tooling to handle security and operations. Issues include:

  • Ever increasing number of service mesh options available
  • Each service mesh has a different implementation, APIs and integration points
  • Each service mesh presents a different operating model

Solution

Get the flexibility to use any service mesh on any infrastructure with the controls to manage your diverse environments in a consistent way.

  • Flexibility to choose any service mesh at any time for your applications
  • Unify service mesh management and improve extensibility through an API translation layer
  • Ensure configuration consistency and compliance

Simplify service mesh adoption and operations

Gloo Mesh provides a unified management plane for single to multi-cluster and multi-platform service mesh configuration, routing, and operations. Streamline your service mesh cluster management, gain deep visibility across clouds and regions, and improve customer experience with global failover and locality-aware routing.

Configure

Simplify the installation and configuration of a wide variety of service meshes into your environment. Ensure consistency in critical configurations like security to reduce risk in a dynamic environment.

Manage

Unify the observability, management and operation of a hybrid mesh environment. Group multiple clusters or meshes on-premises or in the cloud, know what is running where to control your application traffic.

Extend

Leverage the service mesh architecture to improve your application resilience and safety with 3rd-party or custom built tools for testing, delivery, security, and more.

Open Source

Try Gloo Mesh open source to configure and manage Istio, App Mesh, and Open Service Mesh clusters

Enterprise

Get added enterprise security, scalability, observability, and support for validated upstream Istio software including 24/7 production support, long-term support (LTS), patches, and hot-fixes.

Customize Your Service Mesh

Build opinionated operators for an adaptive service mesh and custom proxy filters.

Use Cases

API gateway integration

Easily integrate traffic management into (north/south) and within (east/west) your cluster. Gloo Mesh integrates the Gloo Edge API gateway to any service mesh to configure end to end security, encryption, and traffic control.
Learn More

Multi-cluster management

Streamline management of your service mesh across different clusters in your environment and across the software delivery lifecycle. Avoid issues of potential misconfigurations and manage multiple clusters consistently with a unified dashboard.
Learn more

Multi-Service Mesh

Get the freedom to choose any service mesh today and tomorrow on any infrastructure, and operate them together from a unified dashboard. Group disparate meshes into a single flat network and operate them as a single logical mesh.
Learn more

Service Mesh

Your microservices networking architecture may evolve to service mesh for service-to-service (east/west) communication. Gloo Edge seamlessly integrates to service mesh for end-to-end traffic control and management.
Learn more