A service mesh has become a critical part of platforms based on Kubernetes clusters. It provides both east-west and north-south traffic managementxi, security, observability, and shaping for services implemented by the cluster and supporting components. As clusters have grown in size and platforms have become comprised of many clusters, maintaining a consistent view, management, and policies for network layer 4 – 7 traffic has become increasingly complex.
In response, a number of vendors have extended control planes with a multi-cluster management layer such that they federate and manage service meshes at scale across multiple clouds and on-premises deployments. Both Hashicorp Consul and VMWare Tanzu NSX Service Mesh extend the service mesh control plane past the local service mesh to allow a management layer over multiple clouds and clusters. The open source project Meshery is also providing a service mesh management plane as separate software that can interact using the Service Mesh Interface or through built-for-purpose adapters for a variety of existing service mesh products and projects.
Like Kubernetes control planes, this extension of the service mesh control plane allows for consistent management and policies across clusters in different environments, a situation that is becoming more typical in enterprise IT applications.
Service mesh control plane federation is an emerging feature of service mesh products. Unlike Kubernetes control planes, it is not yet commonplace, but Amalgam Insights predicts that we will see service mesh control plane federation become a normal part of the service mesh landscape.