Embracing the Future: The Effortless Mutual TLS and Traffic Control Without Sidecars

Lin Sun

In today's production environments, sidecars have become the dominant choice for implementing mutual TLS, traffic management and rich Layer 7 authorization policies. However, sidecars require applications to restart after being added to the mesh, causing unnecessary overprovisioning of resources for L7 processing when only mutual TLS is required. This presentation will delve into the reasons behind the rise of sidecar-less service mesh in Istio with the innovative two-layers design. Lin will explain the key advantages of adopting the sidecar-less approach and how it simplifies operations while significantly reducing infrastructure costs. Furthermore, Lin will demonstrate live how both developers and operators can enforce mTLS, rich L7 authorization policies or traffic policies without any effort or sidecars!