Service Mesh (Beta)
Page last updated:
This topic describes service mesh for Pivotal Application Service (PAS).
To deploy service mesh, see Deploying Service Mesh (Beta).
Breaking Change: The Service Mesh feature was removed in Tanzu Application Service (TAS) v2.11. You must disable the Service Mesh feature before upgrading to TAS v2.11.
PAS includes an optional beta routing plane that uses a service mesh. A service mesh provides traffic management, security, and observability for microservices. For more information, see What is a service mesh? in the Istio documentation.
Service mesh in PAS uses Istio Pilot and Envoy. The Cloud Foundry
istio-release packages these components into a BOSH release. For more information, see Pilot in Istio documentation, What is Envoy in the Envoy documentation, and the istio-release repository in GitHub.
Service mesh deploys an additional router and runs as a parallel routing plane as illustrated in the following diagram:
Service mesh currently supports configuring routing weights for apps. For more information, see Using Weighted Routing (Beta).
When deploying service mesh, consider:
- It does not have feature parity with the existing routing plane in PAS.
- It is for deployments with fewer than 20,000 routes. At greater scale, it can impact core platform functions.
- The control plane is not highly available and registration of new routes can be delayed during an upgrade.
- The domain for routes is
*.mesh.YOUR-APPS-DOMAINand is not configurable.
The following table describes each component VM deployed as part of service mesh in PAS, along with their function.
|istio-router||envoy||A reverse proxy to forward HTTP/HTTPS requests external to the platform to apps on the platform.|
|istio-control||copilot, pilot-discovery||Propagates PAS external routes to all service mesh routers.|
|route-syncer||cc-route-syncer||Syncs routes created through the Cloud Foundry API (CAPI) to the service mesh control plane.|
For information about the communication ports and protocols used by these components, see Service Mesh in Routing Network Communications.