Think services first
Microservices architectures present a range of benefits, but they introduce many challenges. Google Cloud Service Mesh (GCSM), Google’s fully managed service mesh, lets you manage these complex environments and get all the benefits they promise. Google Cloud Service Mesh provides a fully managed platform that simplifies operating services across the board, from traffic management and mesh telemetry to securing communications between services, thereby taking a significant burden off your operations and development teams.
Fully managed, full stop
Since it’s a fully managed offering, Google Cloud Service Mesh takes all the guesswork and effort out of procuring and managing your service mesh solution. You focus on developing great apps; let us worry about your mesh.
Security without complexity
Securing your service mesh can feel daunting. GCSM helps you embrace a zero-trust security model, giving you the tools to automatically secure your services and their communication and manage authentication, authorization, and encryption between services with a diverse set of features — all with little or no changes required to the applications themselves. This makes your mesh more secure and frees developers to focus on application-level security.
Deep insights into your mesh
Your mesh can’t be at its most efficient if you can’t see how it’s operating. GCSM’s robust tracing, monitoring, and logging features give you deep insights into the performance and health of your mesh. Observe how your services are performing, see how that performance affects other processes, and detect any issues quickly.
Traffic management made simple
With GCSM, you can control traffic flows and API calls between services, while at the same time getting better visibility into your traffic. This not only makes calls more reliable and your network more robust, even in adverse conditions, it enables you to catch issues before they become problems.
GCSM’s integration with Stackdriver opens up a wide range of monitoring, logging, and tracing features. GCSM also provides you with the ability to monitor SLOs at a per-service level. Set SLO targets for latency and availability, and Stackdriver can automatically generate graphs, track your compliance over time, and let you know how you stack up vs. your “error budget.“
Authenticate and encrypt seamlessly
Transport authentication via mTLS has never been easier. Secure your service-to-service and end-user-to-service communications with mTLS with a single click install or implement it incrementally.
Determine who has access to what services in your mesh with easy-to-use role-based access control (RBAC). You specify the permissions, then grant access to them at the level you choose, from namespace all the way down to users.
Fine-grained traffic management
GCSM decouples traffic flow from infrastructure scaling, opening up many traffic management features — including dynamic request routing for A/B testing, canary deployments, and gradual rollouts — all outside of your application code.
Failure recovery out of the box
GCSM provides a number of critical failure-recovery features out of the box that can be configured dynamically at runtime, including timeouts, circuit breakers, active health checks, and bounded retries.
Easy-to-configure fault injection
Even with robust failure-recovery features, it’s critical to test the resiliency of your mesh. That’s where fault injection comes in. Easily configure delay and abort faults to be injected into requests that match certain conditions, and even restrict the percentage of requests that should be subjected to faults.
Choose between round robin (each healthy upstream host is selected in round robin order), random (the random load balancer selects a random healthy host), and weighted-least-request load balancing.
Traffic encryption, auditing, and fine-grained access policies help mitigate inside and outside threats to your data, endpoints, communications, and platform.