{"id":10464,"date":"2022-04-18T14:49:04","date_gmt":"2022-04-18T09:19:04","guid":{"rendered":"https:\/\/opstree.com\/blog\/\/?p=10464"},"modified":"2022-04-18T14:49:10","modified_gmt":"2022-04-18T09:19:10","slug":"an-introduction-to-istio-service-mesh-its-architecture","status":"publish","type":"post","link":"https:\/\/opstree.com\/blog\/2022\/04\/18\/an-introduction-to-istio-service-mesh-its-architecture\/","title":{"rendered":"<strong>An Introduction to ISTIO Service Mesh &amp; its Architecture!<\/strong>"},"content":{"rendered":"\n<p>ISTIO has become a popular choice for service mesh among enterprises these days, allowing IT teams to add capabilities of observability, traffic management, and security to the apps. Here\u2019s more on ISTIO and its architecture. Read further to know more!<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2022\/04\/526fd-02whx1yiscosbnnhg.png\" alt=\"\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"76ab\"><strong>What is ISTIO?<\/strong><\/h2>\n\n\n\n<p id=\"24e2\"><a href=\"https:\/\/cloud.google.com\/learn\/what-is-istio#:~:text=Istio%20is%20a%20service%20mesh,up%20a%20cloud%2Dnative%20application.\" rel=\"noreferrer noopener\" target=\"_blank\">ISTIO<\/a>&nbsp;Service Mesh is a configurable, open-source service-mesh layer that provides a way to control how microservices share data with one another. It offers a transparent and language-independent way to flexibly and easily automate the network functions within an application.<\/p>\n\n\n\n<p id=\"28d0\">ISTIO allows IT teams to add capabilities of observability, traffic management, and security to the applications, without the need to add these to the original code. This frees the developers from the pains of writing codes for networking and security from scratch.<\/p>\n\n\n\n<p id=\"045c\">Moreover, Istio enables organizations to secure, connect, and\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/opstree.com\/blog\/\/2022\/02\/11\/observability-for-monitoring-microservices-top-5-ways\/?utm_source=Microblog&amp;utm_medium=Medium&amp;utm_campaign=Microblog_Medium_An+Introduction+to+ISTIO+Service+Mesh+%26+its+Architecture%21\" target=\"_blank\"><strong>monitor microservices<\/strong><\/a>, so they can modernize their enterprise applications at a faster pace and securely. This is why ISTIO installation on Kubernetes is being widely adopted by enterprises, both big and small, as the perfect solution to manage different microservices that together build a cloud-native application. ISTIO supports and handles how different parts of a microservices application communicate and share data with one another.<\/p>\n\n\n\n<!--more-->\n\n\n\n<h2 class=\"wp-block-heading\" id=\"739f\"><strong>Components involved in the ISTIO Architecture!<\/strong><\/h2>\n\n\n\n<p id=\"fea6\">Here\u2019s a brief description of the ISTIO architecture. Let\u2019s take a look. The Istio architecture comprises of two main components,<\/p>\n\n\n\n<ul><li><strong><em>The Data plane:\u00a0<\/em><\/strong>The second main component of ISTIO service mesh is the Data plane. The data plane is composed of a set of intelligent proxies known as\u00a0<strong>Envoy<\/strong>. These proxies are deployed as sidecars. They control all network communication between microservices.<\/li><li><strong><em>The Control plane:\u00a0<\/em><\/strong>The control plane is used for configuring and managing proxies in the data plane.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2022\/04\/c6f0c-0wukbltxek9ywsi56.png\" alt=\"\" width=\"800\" height=\"1000\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"de53\"><strong>The Data Plane<\/strong><\/h2>\n\n\n\n<p id=\"9c37\">Data Plane is an important component of the ISTIO service mesh architecture. The data plane consists of Envoy proxies that are deployed into the pods as sidecars. These envoy proxies interact and manage traffic for all services within the system. This includes managing and controlling all network communication between the microservices.<\/p>\n\n\n\n<p id=\"5422\">Since they are added as sidecars, there is no need for the developers to write code to implement the proxies in the application architecture. The Envoy proxies control traffic by listing routing rules (for HTTP, gRPC, TCP) and applying policies of TLS and traffic encryption.<\/p>\n\n\n\n<p id=\"ccac\">All traffic goes through these Envoy proxies that are responsible for collecting large amounts of data and providing valuable insight into the traffic. This is how the installation of ISTIO in Kubernetes helps DevOps teams to monitor traffic and gain clear observability.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"07ec\"><strong>The Control Plane<\/strong><\/h2>\n\n\n\n<p id=\"e5ea\">The control plane in the ISTIO architecture is a combination of three components that include,<\/p>\n\n\n\n<ul><li><strong><em>Pilot:&nbsp;<\/em><\/strong>This component of the control plane uses the Envoy API to communicate with Envoy sidecars. Pilot is responsible for traffic management, routing, and service discovery.<\/li><li><strong><em>Citadel:&nbsp;<\/em><\/strong>It provides secure communication among services by managing user authentication, certificate, and credential management.<\/li><li><strong><em>Galley:<\/em><\/strong>&nbsp;This component of the Control Plane within the ISTIO architecture is responsible for configuration management, ingestion, distribution, and processing.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2022\/04\/e334c-0aj8x7cxgaqojxk-2.png\" alt=\"\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"4fcf\"><strong>Choose the Right Platform!<\/strong><\/h2>\n\n\n\n<p id=\"2931\">A reliable and powerful Kubernetes &amp; DevSecOps platform, like&nbsp;<strong>BuildPiper<\/strong>, is what enterprises need to overcome the hassles of setting up a service mesh. It provides complete support for&nbsp;<a href=\"https:\/\/www.opstree.com\/buildpiper\/documentation\/docs\/security-&amp;-observability\/supportforISTIO\/?utm_source=Microblog&amp;utm_medium=Medium&amp;utm_campaign=Microblog_Medium_An+Introduction+to+ISTIO+Service+Mesh+%26+its+Architecture%21\" rel=\"noreferrer noopener\" target=\"_blank\"><strong>ISTIO installation in Kubernetes<\/strong><\/a>&nbsp;and ISTIO gateways ensuring a seamless, secure and compliant service deployment.<\/p>\n\n\n\n<p id=\"5d3b\">Integrating with best industry-standard tools such as ISTIO service mesh, BuildPiper enables a hassle-free and secured Microservices application delivery, allowing businesses to leverage ISTIO\u2019s capabilities for controlled traffic management.<\/p>\n\n\n\n<p id=\"cb09\">With Managed Microservices, one of the amazing features of the product, BuildPiper enables easy and quick delivery of Microservices Applications on Kubernetes in under a day and helps DevOps &amp; IT teams in doing away with the pain and hassle of setting up &amp; managing these.<\/p>\n\n\n\n<p id=\"255c\"><a href=\"https:\/\/www.opstree.com\/buildpiper\/contact.html?utm_source=Microblog&amp;utm_medium=Medium&amp;utm_campaign=Microblog_Medium_An+Introduction+to+ISTIO+Service+Mesh+%26+its+Architecture%21\" rel=\"noreferrer noopener\" target=\"_blank\"><strong><em>Explore other exciting features of BuildPiper including Managed Kubernetes, Secure &amp; hassle-free CI\/CD setup, and Security, Compliance &amp; Observability. Take a look today!<\/em><\/strong><\/a><\/p>\n\n\n\n<p id=\"def3\"><strong><em>You can read more on Service Mesh and its architecture here in this blog.<\/em><\/strong><\/p>\n\n\n\n<p id=\"827c\"><a rel=\"noreferrer noopener\" href=\"https:\/\/opstree.com\/blog\/\/2022\/02\/24\/an-introduction-to-service-mesh-architecture\/?utm_source=Microblog&amp;utm_medium=Medium&amp;utm_campaign=Microblog_Medium_An+Introduction+to+ISTIO+Service+Mesh+%26+its+Architecture%21\" target=\"_blank\"><strong><em>An Introduction to Service Mesh Architecture!<\/em><\/strong><\/a><\/p>\n\n\n\n<p><strong>Opstree<\/strong> is an End to End DevOps solution provider<\/p>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-fill\"><a class=\"wp-block-button__link\" href=\"https:\/\/www.opstree.com\/contact-us\" target=\"_blank\" rel=\"noreferrer noopener\">CONTACT US<\/a><\/div>\n<\/div>\n\n\n\n<p class=\"has-text-align-center\"><strong>Connect Us <\/strong><\/p>\n\n\n\n<ul class=\"wp-block-social-links aligncenter is-content-justification-right is-layout-flex wp-container-core-social-links-is-layout-1 wp-block-social-links-is-layout-flex\"><li class=\"wp-social-link wp-social-link-linkedin  wp-block-social-link\"><a href=\"https:\/\/www.linkedin.com\/company\/opstree-solutions\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M19.7,3H4.3C3.582,3,3,3.582,3,4.3v15.4C3,20.418,3.582,21,4.3,21h15.4c0.718,0,1.3-0.582,1.3-1.3V4.3 C21,3.582,20.418,3,19.7,3z M8.339,18.338H5.667v-8.59h2.672V18.338z M7.004,8.574c-0.857,0-1.549-0.694-1.549-1.548 c0-0.855,0.691-1.548,1.549-1.548c0.854,0,1.547,0.694,1.547,1.548C8.551,7.881,7.858,8.574,7.004,8.574z M18.339,18.338h-2.669 v-4.177c0-0.996-0.017-2.278-1.387-2.278c-1.389,0-1.601,1.086-1.601,2.206v4.249h-2.667v-8.59h2.559v1.174h0.037 c0.356-0.675,1.227-1.387,2.526-1.387c2.703,0,3.203,1.779,3.203,4.092V18.338z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">LinkedIn<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-youtube  wp-block-social-link\"><a href=\"https:\/\/www.youtube.com\/channel\/UCeLma6SpNYH7jjYKSBNSexw\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M21.8,8.001c0,0-0.195-1.378-0.795-1.985c-0.76-0.797-1.613-0.801-2.004-0.847c-2.799-0.202-6.997-0.202-6.997-0.202 h-0.009c0,0-4.198,0-6.997,0.202C4.608,5.216,3.756,5.22,2.995,6.016C2.395,6.623,2.2,8.001,2.2,8.001S2,9.62,2,11.238v1.517 c0,1.618,0.2,3.237,0.2,3.237s0.195,1.378,0.795,1.985c0.761,0.797,1.76,0.771,2.205,0.855c1.6,0.153,6.8,0.201,6.8,0.201 s4.203-0.006,7.001-0.209c0.391-0.047,1.243-0.051,2.004-0.847c0.6-0.607,0.795-1.985,0.795-1.985s0.2-1.618,0.2-3.237v-1.517 C22,9.62,21.8,8.001,21.8,8.001z M9.935,14.594l-0.001-5.62l5.404,2.82L9.935,14.594z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">YouTube<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-github  wp-block-social-link\"><a href=\"https:\/\/github.com\/OpsTree\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M12,2C6.477,2,2,6.477,2,12c0,4.419,2.865,8.166,6.839,9.489c0.5,0.09,0.682-0.218,0.682-0.484 c0-0.236-0.009-0.866-0.014-1.699c-2.782,0.602-3.369-1.34-3.369-1.34c-0.455-1.157-1.11-1.465-1.11-1.465 c-0.909-0.62,0.069-0.608,0.069-0.608c1.004,0.071,1.532,1.03,1.532,1.03c0.891,1.529,2.341,1.089,2.91,0.833 c0.091-0.647,0.349-1.086,0.635-1.337c-2.22-0.251-4.555-1.111-4.555-4.943c0-1.091,0.39-1.984,1.03-2.682 C6.546,8.54,6.202,7.524,6.746,6.148c0,0,0.84-0.269,2.75,1.025C10.295,6.95,11.15,6.84,12,6.836 c0.85,0.004,1.705,0.114,2.504,0.336c1.909-1.294,2.748-1.025,2.748-1.025c0.546,1.376,0.202,2.394,0.1,2.646 c0.64,0.699,1.026,1.591,1.026,2.682c0,3.841-2.337,4.687-4.565,4.935c0.359,0.307,0.679,0.917,0.679,1.852 c0,1.335-0.012,2.415-0.012,2.741c0,0.269,0.18,0.579,0.688,0.481C19.138,20.161,22,16.416,22,12C22,6.477,17.523,2,12,2z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">GitHub<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-facebook  wp-block-social-link\"><a href=\"https:\/\/www.facebook.com\/opstree\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M12 2C6.5 2 2 6.5 2 12c0 5 3.7 9.1 8.4 9.9v-7H7.9V12h2.5V9.8c0-2.5 1.5-3.9 3.8-3.9 1.1 0 2.2.2 2.2.2v2.5h-1.3c-1.2 0-1.6.8-1.6 1.6V12h2.8l-.4 2.9h-2.3v7C18.3 21.1 22 17 22 12c0-5.5-4.5-10-10-10z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Facebook<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-medium  wp-block-social-link\"><a href=\"https:\/\/medium.com\/buildpiper\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M20.962,7.257l-5.457,8.867l-3.923-6.375l3.126-5.08c0.112-0.182,0.319-0.286,0.527-0.286c0.05,0,0.1,0.008,0.149,0.02 c0.039,0.01,0.078,0.023,0.114,0.041l5.43,2.715l0.006,0.003c0.004,0.002,0.007,0.006,0.011,0.008 C20.971,7.191,20.98,7.227,20.962,7.257z M9.86,8.592v5.783l5.14,2.57L9.86,8.592z M15.772,17.331l4.231,2.115 C20.554,19.721,21,19.529,21,19.016V8.835L15.772,17.331z M8.968,7.178L3.665,4.527C3.569,4.479,3.478,4.456,3.395,4.456 C3.163,4.456,3,4.636,3,4.938v11.45c0,0.306,0.224,0.669,0.498,0.806l4.671,2.335c0.12,0.06,0.234,0.088,0.337,0.088 c0.29,0,0.494-0.225,0.494-0.602V7.231C9,7.208,8.988,7.188,8.968,7.178z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Medium<\/span><\/a><\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>ISTIO has become a popular choice for service mesh among enterprises these days, allowing IT teams to add capabilities of observability, traffic management, and security to the apps. Here\u2019s more on ISTIO and its architecture. Read further to know more! What is ISTIO? ISTIO&nbsp;Service Mesh is a configurable, open-source service-mesh layer that provides a way &hellip; <a href=\"https:\/\/opstree.com\/blog\/2022\/04\/18\/an-introduction-to-istio-service-mesh-its-architecture\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;<strong>An Introduction to ISTIO Service Mesh &amp; its Architecture!<\/strong>&#8220;<\/span><\/a><\/p>\n","protected":false},"author":207103662,"featured_media":29900,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[28070474],"tags":[739230612,739230838,669952177],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/opstree.com\/blog\/wp-content\/uploads\/2025\/11\/DevSecOps-1.jpg","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pfDBOm-2IM","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/10464"}],"collection":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/users\/207103662"}],"replies":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/comments?post=10464"}],"version-history":[{"count":9,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/10464\/revisions"}],"predecessor-version":[{"id":10477,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/10464\/revisions\/10477"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media\/29900"}],"wp:attachment":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media?parent=10464"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/categories?post=10464"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/tags?post=10464"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}