Service Mesh (Beta)

Page last updated:

Warning: Pivotal Cloud Foundry (PCF) v2.5 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.

This topic describes service mesh for Pivotal Application Service (PAS).

To deploy service mesh, see Deploying Service Mesh (Beta).

Overview

PAS includes an optional beta routing plane that uses a service mesh. A service mesh provides traffic management, security, and observability for microservices. For more information, see What is a service mesh? in the Istio documentation.

Service mesh in PAS uses Istio Pilot and Envoy. The Cloud Foundry istio-release packages these components into a BOSH release. For more information, see Pilot in Istio documentation, What is Envoy in the Envoy documentation, and the istio-release repository in GitHub.

Service mesh deploys an additional router and runs as a parallel routing plane as illustrated in the following diagram:

Features

Service mesh currently supports configuring routing weights for apps. For more information, see Using Weighted Routing (Beta).

Limitations

When deploying service mesh, consider:

• It does not have feature parity with the existing routing plane in PAS.
• Service mesh features do not work when strict (mTLS) route integrity is also enabled.
• It is for deployments with fewer than 20,000 routes. At greater scale, it can impact core platform functions.
• The control plane is not highly available and registration of new routes can be delayed during an upgrade.

Component VMs

The following table describes each component VM deployed as part of service mesh in PAS, along with their function.

For information about the communication ports and protocols used by these components, see Service Mesh in the Routing Network Communications topic.