Imagine you have many small services talking to each other in an app. What main job does a service mesh do?
Think about how services talk and stay safe and visible.
A service mesh helps microservices communicate securely and reliably by managing traffic, security policies, and observability without changing the services themselves.
Run the command istioctl proxy-status in a Kubernetes cluster with Istio installed. What does it show?
istioctl proxy-status
Think about what 'proxy-status' might mean in Istio.
The command shows the status of Envoy proxies (sidecars) connected to the Istio control plane, including if their configurations are synced.
Put these steps in the correct order to enable mutual TLS between services in a service mesh.
Think about preparing the namespace, deploying services, then enforcing policies.
First, enable sidecar injection so proxies are added. Then deploy services with sidecars. Next, apply the mTLS policy. Finally, verify the setup.
You notice that calls between microservices are slower after adding a service mesh. What is a likely cause?
Think about what sidecars do to network traffic.
Sidecar proxies intercept and encrypt traffic, adding processing time and extra network hops, which can increase latency.
To understand how your microservices behave in a service mesh, which practice is best?
Think about how to get detailed info from all parts of the mesh.
Distributed tracing and metrics from sidecars give detailed insights into service interactions and performance.