Module 5: Service Mesh with Istio (Optional)

Note

This module is optional. Service mesh is an advanced topic that is only relevant if you are running, or plan to run, an application made up of many services that need consistent traffic management, security, or observability. If service mesh is not on your roadmap, you can safely skip this module and the accompanying Lab 4 .

Introduction

In this module, we will look at service mesh concepts and how Istio can help you manage communication between services running in Kubernetes. You will learn what Istio adds on top of standard Kubernetes networking, how the Istio control plane works, the difference between sidecar and ambient mesh, and how Istio gateways are used for traffic entering and leaving the mesh.

Learning Objectives

Understand what a service mesh is and when it is useful
Learn the main Istio components and how traffic flows through the mesh
Compare sidecar mode and ambient mode
Understand Istio ingress gateways and how they relate to Kubernetes Ingress and Gateway API
Review the AKS Istio add-on and the trade-offs between managed and self-managed Istio
Identify common Istio use cases such as traffic splitting, mTLS, retries, and observability