Control and Data Plane at Schiphol (Image source: KLM)

When it comes to operating a microservices deployment, there are two core considerations to ask ourselves. First, how will we manage the actual communication between the services? Second, how will we manage the configuration and policies of said communication? If we are using a service mesh, for the former we will use a data plane, for the latter we will use a control plane.

In this post, we are going to compare and contrast the functionality available in the data and control planes of two popular service meshes: Istio and Linkerd. We will also look at the advantages of using…

(Image source:

Organizations across all industry verticals are continuing to accelerate their adoption of microservices. This has led to a corresponding explosion in the use of containers and client/service communications. It has proven very challenging to manage these communications securely, at-scale and with observability. This has created increasing degrees of complexity and volatility within the enterprise. As a result, both operators and developers have a strong desire to encapsulate the complexities of the network and push them into a new network infrastructure layer. At the moment, the most popular approach to get a handle on these complexities is a service mesh.


Addressing large-scale behaviors in air traffic control. (Image:

When working with customers who have heard about service meshes, we often get questions about how we work with and complement Istio. The direct answer, of course, is that service meshes address the developer-centric and local aspects of managing service-to-service calls, while a cloud traffic controller like Glasnostic addresses the fundamentally operational and global aspects of managing complex emergent behaviors. Because this direct answer is a handful, I’d like to use this post as an opportunity to explain in more detail.

A Brief Introduction to Istio

Istio is a service mesh for Kubernetes that was developed jointly by Google, IBM and Lyft. Strictly speaking, the…

In this post, we’ve gathered many of the common (and some not so common!) terms, patterns and products developers and operators reference when describing various aspects of a modern microservices architecture. In this post, we’ll look at architecture and components, operational patterns and techniques, and finally, products and projects.

Architecture and Components


Microservices are an architectural style that decomposes a real or notional monolithic application into individual services, which are loosely coupled to deliver the same functionality as the corresponding monolith, but with some additional advantages. A microservice can be developed independently from other services, can have its own CI/CD pipeline and can…

Denver International Airport south terminal expansion. (Image:

An API Gateway is a reverse proxy that exposes microservices as APIs. As the name implies, it acts as a “gatekeeper” between clients and microservices, dealing with what is often called “north-south” traffic. Typical features of an API Gateway include the ability to authenticate requests, enforce security policies, load balance between backend services and throttle them if necessary. …

2018 was an exciting year for both, open source developers and vendors in the microservices and API space. In this post, we’ll recap the major developments and product announcements, plus make a few predictions for 2019.

Recapping 2018

In 2018 it felt like any vendor who didn’t already have an API gateway announced a generic or use case-specific one to round out their API management offering. Looking at the announcements that came through our feed this year, we counted at least half a dozen new API gateways and an equal number of new service meshes. 2018 also proved to be a good…

Marcus Schiesser

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store