Comprehensive Introduction to Service Mesh
This article gives an overview of Service Mesh: its role in cloud‑native microservice architectures, why it is needed, its core principles (the data and control planes), and the key Istio components.
Service Mesh
Service Mesh is considered the next‑generation microservice architecture, providing an infrastructure layer that manages and controls inter‑service communication.
The term combines two key concepts: “service”, referring to an independently deployed functional unit, and “mesh”, the communication network and topology linking those services.
In a mesh, sidecar proxies are injected alongside each service instance, forming a transparent, programmable communication layer.
Why Service Mesh is Needed
Traditional service governance embeds registration, discovery, load balancing, and fault recovery logic within SDKs, tightly coupling business code to a specific framework.
Service Mesh decouples these concerns by placing dedicated proxies (e.g., sidecars) between services. Business code stays agnostic to how governance is implemented, which improves flexibility and portability and aligns with cloud‑native design principles.
Service Mesh Principles
The architecture relies on two planes: the Data Plane and the Control Plane.
1. Data Plane
The Data Plane intercepts, processes, and forwards all traffic to and from service instances, handling load balancing, fault recovery, and security policies. Its core component is the sidecar proxy, deployed next to each service.
Sidecar proxies operate independently of business logic, providing transparent traffic management.
2. Control Plane
The Control Plane configures, monitors, and manages communication across the mesh. It consists of several sub‑components; Istio's are the typical example:
Pilot – service discovery and routing.
Galley – configuration validation and distribution.
Citadel – mutual TLS authentication and encryption.
Mixer – policy enforcement and telemetry.
These components work together in a distributed fashion to provide comprehensive traffic control, observability, and security.
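The split between the two planes, as an added example (not code from this article or from Istio): a simplified in-process Python model in which a control plane pushes per-service policy and sidecars enforce it around untouched business code. All class and function names are hypothetical, and the caller identity strings stand in for identities a real mesh would take from mTLS peer certificates.

```python
from dataclasses import dataclass
from itertools import count

@dataclass
class Policy:                 # per-service config distributed by the control plane
    endpoints: list           # sidecars fronting instances of the service
    allowed_callers: set      # stand-in for identities from mTLS peer certificates
    retries: int = 1

class ControlPlane:
    """Holds desired state and pushes a copy to every registered sidecar."""
    def __init__(self):
        self.sidecars, self.config = [], {}
    def apply(self, service, policy):
        self.config[service] = policy
        for sidecar in self.sidecars:
            sidecar.config = dict(self.config)

class Sidecar:
    """Data plane proxy for one workload; `app` is unmodified business code."""
    def __init__(self, control_plane, identity, app=None):
        self.identity, self.app, self.healthy = identity, app, True
        self.config, self._rr = dict(control_plane.config), count()
        control_plane.sidecars.append(self)       # register for future pushes

    def inbound(self, service, caller, request):
        # Default deny: no policy, or a caller not on the list, gets no access.
        policy = self.config.get(service)
        if policy is None or caller not in policy.allowed_callers:
            return 403, "denied by mesh policy"
        return 200, self.app(request)

    def outbound(self, service, request):
        policy = self.config.get(service)
        attempts = policy.retries + 1 if policy and policy.endpoints else 0
        for _ in range(attempts):                 # round-robin with failover
            peer = policy.endpoints[next(self._rr) % len(policy.endpoints)]
            if peer.healthy:
                return peer.inbound(service, self.identity, request)
        return 503, "no healthy upstream"

def demo():
    """Constructed scenario: web may call orders, batch may not, one instance is down."""
    cp, orders = ControlPlane(), (lambda req: f"order:{req}")  # no mesh logic in orders
    o1, o2 = Sidecar(cp, "orders", orders), Sidecar(cp, "orders", orders)
    web, batch = Sidecar(cp, "web"), Sidecar(cp, "batch")
    cp.apply("orders", Policy([o1, o2], {"web"}))
    o1.healthy = False
    return web.outbound("orders", "42"), batch.outbound("orders", "42")
```

Calling `demo()` shows the request from `web` failing over to the healthy instance while the same request from `batch` is refused at the destination sidecar, with no change to the `orders` function.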
Mike Chen's Internet Architecture