Technically speaking, a service mesh is an additional software layer exclusively added to handle all sorts of service-to-service communications in a reliable manner. Cloud enabled and native applications are being composed out of microservices. For reliable cloud applications, the resiliency of service interactions has to be preserved through technologically advanced solutions.

Service mesh solutions are designed to absorb the service communication responsibility from each of the microservices. The service mesh acts as a proxy that intercepts and implements network communication between microservices. There are several resiliency-enablement design patterns such as retry, timeout, circuit breaking, load balancing, fault-tolerance, distributed tracing, observability metric collection, and all these are optimally implemented and inserted in any service mesh solution. A service mesh is a prime example of the ambassador pattern, which is a helper service that sends network requests on behalf of the application. The principal features of service mesh solutions include the following:

• Ensure that load balancing is provided at the session level based on various parameters such as observed latencies or the number of outstanding requests. This can sharply improve service performance over the traditional layer-4 load balancing.
• Supports layer-7 routing performed based on the URL path, host header, API version, or other application level rules.
• Understands all the HTTP error codes, and can automatically retry failed requests. It is possible to configure the maximum number of retries, along with a timeout period.
• Provides a circuit breaking feature. If a service instance consistently does not respond to client requests, then the circuit breaker in the service mesh will temporarily mark the service instance as unavailable. After a short period, the circuit breaker will try the instance again.
• Leverages service metrics. The service mesh precisely captures all the right and relevant metrics about inter-service calls, such as the request volume, latency, error, and success rates, and the response sizes.
• Enables distributed tracing by adding correlation information for each hop in a request.
• Performs mutual TLS authentication for service-to-service calls.
• Comes with service registry and discovery features.

The macro-level service communication resiliency is illustrated in the following diagram:

There are a few interesting implementations of service mesh specifications. The most prominent ones among them are Istio, Linkerd, and Conduit. Aspen Mesh is a commercial version.