Service Mesh Fundamentals — Vocabulary
5 exercises — 5 exercises practising the core vocabulary of service meshes — data plane, control plane, sidecar proxies, and Istio architecture.
0 / 5 completed
1 / 5
A colleague asks you to explain the difference between the data plane and the control plane in Istio. Which answer is most accurate?
The data plane (Envoy sidecars) handles real traffic; the control plane (istiod) handles configuration distribution — these are completely separate concerns.
This separation is fundamental to service mesh architecture. istiod translates your Istio YAML resources into xDS (Envoy discovery service) configuration and pushes it to the relevant sidecar proxies via gRPC streaming. When a request flows from service A to service B, it goes: A's container → A's Envoy sidecar → network → B's Envoy sidecar → B's container. istiod is never in that path — it only tells the sidecars what to do.
Key vocabulary:
• data plane — the Envoy sidecar proxies; handle actual request traffic
• control plane — istiod; distributes xDS config; no traffic flows through it
• xDS — Envoy's discovery service API; how control plane pushes config to data plane
This separation is fundamental to service mesh architecture. istiod translates your Istio YAML resources into xDS (Envoy discovery service) configuration and pushes it to the relevant sidecar proxies via gRPC streaming. When a request flows from service A to service B, it goes: A's container → A's Envoy sidecar → network → B's Envoy sidecar → B's container. istiod is never in that path — it only tells the sidecars what to do.
Key vocabulary:
• data plane — the Envoy sidecar proxies; handle actual request traffic
• control plane — istiod; distributes xDS config; no traffic flows through it
• xDS — Envoy's discovery service API; how control plane pushes config to data plane