side-car proxy
• A sidecar proxy is an
application design pattern
which abstracts certain
features, such as inter-
service communications,
monitoring and security,
away from the main
architecture to ease the
tracking and maintenance of
the application as a whole.
Slide 6
Slide 6 text
No content
Slide 7
Slide 7 text
No content
Slide 8
Slide 8 text
No content
Slide 9
Slide 9 text
No content
Slide 10
Slide 10 text
Controller Plane
• Provides policy and
configuration for services
in the mesh.
• Takes a set of isolated
stateless sidecar proxies
and turns them into a
service mesh.
• Does not touch any
packets/requests in the
system.
Slide 11
Slide 11 text
Data Plane
• touches every
packet/request in the
system.
• is responsible for service
discovery, health
checking, routing, load
balancing, authentication,
authorization, and
observability.
Slide 12
Slide 12 text
No content
Slide 13
Slide 13 text
• Kubernetes has used an
Ingress controller to
handle the traffic that
enters the cluster from
the outside.
• Istio has replaced the
familiar Ingress resource
with new Gateway and
VirtualServices resources.