Service Mesh

Enable microservices with reliable, secure and scalable secure service to service communication at cloud scale with service mesh.

What is Service Mesh?

Service Mesh is an infrastructure layer that abstracts application networking from the business logic of the application. In doing so, the service mesh can provide a configurable network layer to facilitate communication between services using their application programming interfaces (APIs). This architecture is facilitated by deploying a proxy as a sidecar alongside each application service. All communications between the application services are facilitated through the sidecar proxies (data plane) which are configured and managed through a control plane. Popular service mesh technologies include Istio, Linkerd, AWS App Mesh, HashiCorp Consul Connect, Open Service Mesh, and others that are either built with Envoy Proxy or a custom proxy specific to the service mesh provider. 

 

Why Do We Need Service Mesh?

The rising popularity of microservices based architecture and container orchestration (Docker and Kubernetes) creates a new challenge in solving the service to service communication within a cluster. These microservices are comprised of potentially hundreds of loosely coupled services that are dynamic, ephemeral, and distributed making the network between them critical to ensure a properly functioning application. 

Unlike monolithic applications that primarily focus on incoming traffic to a single application instance, microservices need to consider incoming traffic to many application instances and manage the traffic between the services. Incoming traffic to the cluster is often called north-south while the service to service communication within the cluster is called east-west. A service mesh is designed to solve the requirements of enabling and managing east-west communications. 

 

What Can You Do With a Service Mesh?

Service mesh solves a major challenge in building and operating cloud-native applications by laying the foundation and API to L7 networking to gain more insight and control into the distributed application behavior. Service mesh provides functionality to application developers like service discovery, client-side load balancing, timeouts, retries, circuit breaking and more that work regardless of their application framework or language. For operators, service mesh provides a set of L7 controls over traffic routing, policy enforcement, and strong identity (authentication and authorization) and security (encryption, mTLS). The service mesh is also an extension point and vehicle for new functionality that can be deployed to applications through the service mesh. Examples of extensibility include progressive delivery, chaos engineering and operators for automating service mesh behavior.

Challenge

Organizations looking to adopt microservices and service mesh are faced with a myriad of choices in mesh providers and need to also build tooling to handle security and operations.

  • Ever increasing number of service mesh options available
  • Each service mesh has a different implementation, APIs and integration points
  • Each service mesh presents a different operating model

Solution

Teams need the ability to choose the service mesh that best suits the business and technical needs of their application. They require the flexibility to use any service mesh on any infrastructure with the controls to manage their diverse environment in a consistent way.

  • Flexibility to choose any service mesh at any time for your applications
  • Unify service mesh management and improve extensibility through an API translation layer
  • Ensure configuration consistency and compliance

Simplify Service Mesh Adoption And Operations

Gloo Mesh provides a unified management plane for single to multi-cluster and multi-platform service mesh configuration, routing, and operations. Streamline your service mesh cluster management, gain deep visibility across clouds and regions, and improve customer experience with global failover and locality-aware routing.

Configure

Simplify the installation and configuration of a wide variety of service meshes into your environment. Ensure consistency in critical configurations like security to reduce risk in a dynamic environment.

Manage

Unify the observability, management and operation of a hybrid mesh environment. Group multiple clusters or meshes on-orem or in the cloud, know what is running where to control your application traffic.

Extend

Leverage the mesh architecture to improve your application resilience and safety with 3rd party or custom built tools for testing, delivery, security and more.

Open Source

Try Gloo Mesh open source to configure and manage Istio, App Mesh, and Open Service Mesh clusters

Enterprise

Get added enterprise security, scalability, observability, and support for validated upstream Istio software including 24/7 production support, long-term support (LTS), patches, and hot-fixes.

Customize Your Service Mesh

Build opinionated operators for an adaptive service mesh and custom proxy filters.

Use Cases

API Gateway Integration

Easily integrate traffic management into (north/south) and within (east/west) your cluster. The Service Mesh Hub integrates Gloo API gateway to any service mesh under management to configure end to end security, encryption and traffic control.
Learn More

Multi Cluster Management

Streamline management of your mesh across different clusters in your environment and across the software delivery lifecycle. Avoid issues of potential misconfigurations and manage multiple clusters consistently with a unified dashboard
Learn More

Multi-Service Mesh

Get the freedom to choose any service mesh today and tomorrow on any infrastructure, and operate them together from a unified dashboard. Group disparate meshes into a single flat network and operate them as a single logical mesh.
Learn More

Service Mesh

Your microservices networking architecture may evolve to service mesh for service to service (east/west) communication. Gloo seamlessly integrates to service mesh for end to end traffic control and management.
Learn More