Alauda Service Mesh

Introduction

Sidecar Configuration Management

Sidecar Configuration enables granular control over Envoy proxy behavior in Istio service meshes. This functionality:

  • Defines inbound/outbound traffic policies
  • Optimizes proxy resource utilization
  • Implements namespace-scoped access control
  • Enhances mesh-wide performance

Core value: Precise traffic management across microservice boundaries

TOC

Limitations

  1. Namespace Binding:

    • Custom configs only affect designated namespace
    • Default config requires istio-system namespace

  2. Pattern Matching:

    • Supports wildcard (*) in leftmost DNS component
    • prod/*.svc.cluster.local matches all prod services

  3. Update Propagation:

    • Changes require 60s to take effect
    • Requires Istiod version ≥1.9