System Design

Service Mesh

Moving retries, encryption, and routing out of every app and into the network layer.

6 min read · advanced

The problem it solves

In a large microservice system, every service needs the same plumbing: retries, timeouts, mutual encryption, load balancing, and metrics. Writing that into every app, in every language, is repetitive and inconsistent. A service mesh moves this cross-cutting logic out of the apps and into a dedicated networking layer.

Data plane and control plane

  • The data plane is a fleet of proxies, one next to each service instance. All traffic flows through these proxies, which apply policy.
  • The control plane is the brain that configures every proxy: it distributes routing rules, certificates, and telemetry settings.

Because the proxy handles networking, the application code can stay focused on business logic and stay free of networking libraries.

What the mesh gives you

  • Mutual TLS between services without app changes.
  • Traffic management like canary splits and retries set by policy.
  • Observability with consistent metrics and traces for every call.
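
The first two items above expressed as policy, as an added example that is not part of the original lesson. It assumes Istio as the mesh implementation; the namespace `shop`, the service `checkout` and its `v1`/`v2` subsets are hypothetical names.

```yaml
# Added example: Istio assumed as the mesh; "shop" and "checkout" are hypothetical.
# 1) Mutual TLS: every workload in the namespace must be reached over mTLS.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: shop
spec:
  mtls:
    mode: STRICT   # PERMISSIVE would also accept plaintext connections
---
# 2) Name the two versions that the canary split routes between.
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: checkout
  namespace: shop
spec:
  host: checkout
  subsets:
    - name: v1
      labels: {version: v1}
    - name: v2
      labels: {version: v2}
---
# 3) Traffic management: 90/10 canary split and retries, set by policy only.
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: checkout
  namespace: shop
spec:
  hosts: [checkout]
  http:
    - route:
        - destination: {host: checkout, subset: v1}
          weight: 90
        - destination: {host: checkout, subset: v2}
          weight: 10
      timeout: 2s            # overall deadline, bounds the total retry time
      retries:
        attempts: 3
        perTryTimeout: 500ms
        retryOn: 5xx,connect-failure
```

The control plane distributes these resources to the proxies, so the application containers are not rebuilt or reconfigured. `PERMISSIVE` suits a migration window, but encryption is only enforced once the mode is `STRICT`.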

The cost is added latency per hop and the operational weight of running another distributed system.

Key idea

A service mesh pushes retries, encryption, and routing into per-service proxies steered by a control plane, so apps stay simple.

Check yourself

1. What runs in the data plane of a service mesh?

2. What does the control plane do?

3. What is a real cost of adopting a service mesh?