Deep visibility built in [beta]
Service Mesh’s integration with Cloud Logging, Cloud Monitoring, and Cloud Trace opens up a wide range of features, including the ability to monitor SLOs at a per-service level and set targets for latency and availability. It also automatically generates graphs and tracks your compliance over time, providing comparisons to your “error budget.”
Easy authentication, encryption
Transport authentication via mTLS (Mutual Transport Layer Security) has never been easier. Secure your service-to-service and end-user-to-service communications with a single click mTLS installation or incremental implementation.
Decide who has access to what services in your mesh with easy-to-use role-based access control (RBAC). You specify the permissions, then grant access to them at the level you choose, from namespace all the way down to users.
Fine-grained traffic controls
Service Mesh decouples traffic flow from infrastructure scaling, opening up many traffic management features, including dynamic request routing for A/B testing, canary deployments, and gradual rollouts—all outside of your application code.
Failure recovery out of the box
Service Mesh provides a number of critical failure-recovery features out of the box that can be configured dynamically at runtime, including timeouts, circuit breakers, active health checks, and bounded retries.
Fault injection tools
Even with robust failure-recovery features, it’s critical to test your mesh’s resilience. That’s where fault injection comes in. You can easily configure delay and abort faults to be injected into requests that match certain conditions, and even restrict the percentage of requests that should be subjected to faults.
Choose between round robin (each healthy upstream host is selected in order), random (load balancer selects a random healthy host), and weighted-least-request load balancing.
Hybrid service mesh
Service Mesh also supports a hybrid service mesh. This gives you the flexibility to have a common mesh that spans both your Google Cloud and on-prem deployments.
Managed by Google
Service Mesh gives you a Google-managed control plane and an optional data plane that you simply configure. Google handles their reliability, upgrades, scaling and security for you.