1

Major features of service meshes are

  1. Service Discovery
  2. Configuration management

both of them are provided by Kubernetes.
Why do we need a service mesh then?

*I understand that for more complex tasks e.g. zoning, security, complex load balancing and routing a service mesh is the right tool.

Krishna Chaurasia
  • 8,924
  • 6
  • 22
  • 35
whowhenhow
  • 109
  • 1
  • 8
  • 1
    Does this answer your question? [Kubernetes - is Service Mesh a must?](https://stackoverflow.com/questions/65913552/kubernetes-is-service-mesh-a-must) – Russ J May 28 '21 at 06:23
  • seems as what I mentioned *I understand that for more complex tasks e.g. zoning, security, complex load balancing and routing a service mesh is the right tool. – whowhenhow May 28 '21 at 08:00

1 Answers1

1

In short, applying a service mesh, for example Istio help establish and manage communication between services (microservices) easier especially when you have a large number of services, and also provide security and other features. But if you had just couple of services, you might not need it for example.

Howie S. Nguyen
  • 40
  • 1
  • 5
  • Any extraordinary service mash features that are a really good selling point for them? – whowhenhow May 28 '21 at 08:00
  • Not really. At least we have Istio which is an open-source and uses the Apache License 2.0. – Howie S. Nguyen May 28 '21 at 08:26
  • 1
    FYI.. According to the website istio.io, "As the deployment of distributed services, such as in a Kubernetes-based system, grows in size and complexity, it can become harder to understand and manage. Its requirements can include discovery, load balancing, failure recovery, metrics, and monitoring. A service mesh also often addresses more complex operational requirements, like A/B testing, canary deployments, rate limiting, access control, encryption, and end-to-end authentication." – Howie S. Nguyen May 28 '21 at 08:28
  • Adding to original answer: The kube-proxy (k8s default proxy) settings are global and cannot be controlled at a granular level for each service, while service mesh takes the traffic control out of the service layer in Kubernetes by means of sidecar proxy - allowing for more elasticity. –  May 28 '21 at 10:38