{"id":4080,"date":"2025-07-03T18:39:27","date_gmt":"2025-07-03T15:39:27","guid":{"rendered":"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/service-mesh\/"},"modified":"2025-07-03T18:43:32","modified_gmt":"2025-07-03T15:43:32","slug":"service-mesh","status":"publish","type":"docs","link":"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/service-mesh\/","title":{"rendered":"Service Mesh (\u0421\u0435\u0442\u0435\u0432\u0430\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0438\u043a\u0440\u043e\u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c\u0438)"},"content":{"rendered":"\n<p><strong><a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/istio\/\" data-internallinksmanager029f6b8e52c=\"366\" title=\"Istio (\u041f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f Service Mesh)\">Service Mesh<\/a><\/strong> \u2014 \u044d\u0442\u043e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u044b\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f\u043c\u0438 \u043c\u0435\u0436\u0434\u0443 \u043c\u0438\u043a\u0440\u043e\u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c\u0438. \u041e\u043d \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043a\u0430\u043a \u043f\u0440\u043e\u0437\u0440\u0430\u0447\u043d\u044b\u0439 <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/proxy-server\/\" data-internallinksmanager029f6b8e52c=\"210\" title=\"Proxy Server (\u041f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440)\">\u043f\u0440\u043e\u043a\u0441\u0438<\/a>-\u0441\u043b\u043e\u0439, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u043d\u0430\u0434\u0451\u0436\u043d\u0443\u044e, \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u0443\u044e \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u044e \u043c\u0435\u0436\u0434\u0443 \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c\u0438 \u0432 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0441\u0440\u0435\u0434\u0435 <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/kubernetes\/\" data-internallinksmanager029f6b8e52c=\"259\" title=\"Kubernetes (K8s)\">Kubernetes<\/a>.<\/p>\n\n\n\n<p>\u0412 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u043b\u043e\u0433\u0438\u043a\u0438, \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u0432 \u0441\u0430\u043c\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, Service Mesh \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u2014 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u044e, \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044e, \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0438 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u044e \u2014 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b, \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u0435\u043d\u044f\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u041a\u0430\u043a \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 Service Mesh<\/h3>\n\n\n\n<p>\u041a\u043b\u044e\u0447\u0435\u0432\u0430\u044f \u0438\u0434\u0435\u044f \u2014 \u043a\u0430\u0436\u0434\u044b\u0439 \u043f\u043e\u0434 \u0438\u043b\u0438 \u0441\u0435\u0440\u0432\u0438\u0441 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 <strong>sidecar-\u043f\u0440\u043e\u043a\u0441\u0438<\/strong> (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/envoy-proxy\/\" data-internallinksmanager029f6b8e52c=\"365\" title=\"Envoy Proxy (\u0412\u044b\u0441\u043e\u043a\u043e\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u043e\u043a\u0441\u0438 \u0434\u043b\u044f \u043c\u0438\u043a\u0440\u043e\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432)\">Envoy<\/a>), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0432\u0435\u0441\u044c \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0438 \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0442\u0440\u0430\u0444\u0438\u043a. \u0421\u0430\u043c\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043e\u0431\u0449\u0430\u044e\u0442\u0441\u044f \u0441 \u043f\u0440\u043e\u043a\u0441\u0438, \u0430 \u0443\u0436\u0435 \u043f\u0440\u043e\u043a\u0441\u0438 \u2014 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c\u0438. \u0412\u0441\u044f \u043b\u043e\u0433\u0438\u043a\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438, \u043f\u043e\u043b\u0438\u0442\u0438\u043a \u0438 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e \u0447\u0435\u0440\u0435\u0437 control plane.<\/p>\n\n\n\n<p>\u0410\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0430 \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0438\u0437:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Data Plane<\/strong> \u2014 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u043a\u0441\u0438 (sidecars), \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a;<\/li>\n\n\n\n<li><strong>Control Plane<\/strong> \u2014 \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442, \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0435\u0439, \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e \u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u043c\u0438.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 Service Mesh<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u044f<\/strong> (\u043f\u043e \u0432\u0435\u0440\u0441\u0438\u0438, \u0442\u0435\u0433\u0430\u043c, \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u043c);<\/li>\n\n\n\n<li><strong>\u0428\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 (mTLS)<\/strong> \u2014 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435, end-to-end, \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e;<\/li>\n\n\n\n<li><strong>\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c<\/strong> \u2014 \u0447\u0435\u0440\u0435\u0437 policies, RBAC, SNI \u0438 CIDR;<\/li>\n\n\n\n<li><strong>\u041a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435\u043c \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0432\u044b\u0437\u043e\u0432\u043e\u0432<\/strong> \u2014 <div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>timeout<\/code><\/div>, <div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>retry<\/code><\/div>, <div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>circuit breaker<\/code><\/div>, <div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>rate limiting<\/code><\/div>;<\/li>\n\n\n\n<li><strong>\u041d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u043e\u0441\u0442\u044c (observability)<\/strong> \u2014 <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/traceroute\/\" data-internallinksmanager029f6b8e52c=\"325\" title=\"Traceroute\">\u0442\u0440\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u043a\u0430<\/a> (tracing), \u043c\u0435\u0442\u0440\u0438\u043a\u0438, \u043b\u043e\u0433\u0438 (\u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0441 <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/prometheus\/\" data-internallinksmanager029f6b8e52c=\"355\" title=\"Prometheus (\u0411\u0430\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0440\u044f\u0434\u043e\u0432)\">Prometheus<\/a>, <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/grafana\/\" data-internallinksmanager029f6b8e52c=\"356\" title=\"Grafana (C\u0432\u043e\u0431\u043e\u0434\u043d\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0432\u0438\u0437\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u0430\u043d\u043d\u044b\u0445)\">Grafana<\/a>, Jaeger, Zipkin);<\/li>\n\n\n\n<li><strong>A\/B-\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0438 canary rollout<\/strong> \u2014 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u0435\u043d\u044f\u0442\u044c \u043a\u043e\u0434;<\/li>\n\n\n\n<li><strong>\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 Zero Trust \u043c\u043e\u0434\u0435\u043b\u0435\u0439<\/strong> \u2014 \u0441\u0442\u0440\u043e\u0433\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u0438 <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/oauth-2-0\/\" data-internallinksmanager029f6b8e52c=\"378\" title=\"OAuth 2.0\">\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f<\/a> \u043c\u0435\u0436\u0434\u0443 \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c\u0438.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u041f\u0440\u0438\u043c\u0435\u0440\u044b \u0440\u0435\u0448\u0435\u043d\u0438\u0439<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u0420\u0435\u0448\u0435\u043d\u0438\u0435<\/th><th>\u041f\u0440\u043e\u043a\u0441\u0438 (Sidecar)<\/th><th>Control Plane<\/th><th>\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0438<\/th><\/tr><\/thead><tbody><tr><td><strong>Istio<\/strong><\/td><td>Envoy<\/td><td>Istiod<\/td><td>\u041f\u043e\u043b\u043d\u043e\u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0439, \u0433\u0438\u0431\u043a\u0438\u0439, \u043d\u043e \u0442\u044f\u0436\u0451\u043b\u044b\u0439<\/td><\/tr><tr><td><strong>Linkerd<\/strong><\/td><td>Rust-based proxy<\/td><td>Linkerd control plane<\/td><td>\u041b\u0451\u0433\u043a\u0438\u0439, \u0431\u044b\u0441\u0442\u0440\u044b\u0439, \u0431\u0435\u0437 Envoy<\/td><\/tr><tr><td><strong>Consul Connect<\/strong><\/td><td>Envoy \/ native<\/td><td>Consul<\/td><td>\u0413\u0438\u0431\u0440\u0438\u0434 service discovery + mesh<\/td><\/tr><tr><td><strong>Kuma<\/strong><\/td><td>Envoy<\/td><td>Kuma CP<\/td><td>\u0421\u0442\u0430\u0432\u043a\u0430 \u043d\u0430 multi-mesh \u0438 CRD-\u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435<\/td><\/tr><tr><td><strong>Open Service Mesh (OSM)<\/strong><\/td><td>Envoy<\/td><td>OSM controller<\/td><td>\u041b\u0451\u0433\u043a\u0438\u0439, SMI-\u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u044b\u0439, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f Microsoft<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u0413\u0434\u0435 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043d\u0443\u0436\u0435\u043d Service Mesh<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Kubernetes \u0441 \u0431\u043e\u043b\u044c\u0448\u0438\u043c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e\u043c \u043c\u0438\u043a\u0440\u043e\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432<\/strong>;<\/li>\n\n\n\n<li><strong>\u041c\u0443\u043b\u044c\u0442\u0438\u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0438 \u043c\u0443\u043b\u044c\u0442\u0438\u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b<\/strong>;<\/li>\n\n\n\n<li><strong>\u0424\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0435 \u0438 \u043c\u0435\u0434\u0438\u0446\u0438\u043d\u0441\u043a\u0438\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0441 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f\u043c\u0438 \u043f\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0443 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438<\/strong>;<\/li>\n\n\n\n<li><strong>DevSecOps \u0438 Zero Trust \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b<\/strong> \u2014 \u0441\u0442\u0440\u043e\u0433\u0430\u044f \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044f \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0435\u0437 \u0434\u043e\u0432\u0435\u0440\u0438\u044f \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0441\u0435\u0442\u0438;<\/li>\n\n\n\n<li><strong><a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/gitlab-ci-cd\/\" data-internallinksmanager029f6b8e52c=\"372\" title=\"GitLab CI\/CD (\u041d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u0430\u044f \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0430 \u0432 GitLab)\">CI\/CD<\/a>-\u043f\u0430\u0439\u043f\u043b\u0430\u0439\u043d\u044b<\/strong>, \u0433\u0434\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0435 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435, \u0434\u0435\u043f\u043b\u043e\u0439 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0444\u0438\u0447\u0430\u043c\u0438 \u043d\u0430 \u0441\u0435\u0442\u0435\u0432\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u0435.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u041f\u043e\u0447\u0435\u043c\u0443 \u044d\u0442\u043e \u0432\u0430\u0436\u043d\u043e:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u0420\u0430\u0437\u0433\u0440\u0443\u0437\u043a\u0430 \u043a\u043e\u043c\u0430\u043d\u0434 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438<\/strong> \u2014 \u043d\u0435\u0442 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u044b\u0432\u0430\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043b\u043e\u0433\u0438\u043a\u0443 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445;<\/li>\n\n\n\n<li><strong>\u0426\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438<\/strong>;<\/li>\n\n\n\n<li><strong>\u041f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043d\u0430\u0434\u0451\u0436\u043d\u043e\u0441\u0442\u0438 \u0438 \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u043c\u0438\u043a\u0440\u043e\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432<\/strong>;<\/li>\n\n\n\n<li><strong>\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e observability-\u0441\u0442\u0435\u043a\u0430<\/strong> \u0431\u0435\u0437 \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0432 \u043a\u043e\u0434.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Service Mesh<\/strong> \u2014 \u044d\u0442\u043e \u043a\u043b\u044e\u0447\u0435\u0432\u043e\u0439 \u0441\u043b\u043e\u0439 \u0434\u043b\u044f \u0437\u0440\u0435\u043b\u044b\u0445 Kubernetes-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c, \u0433\u0434\u0435 \u0432\u0430\u0436\u043d\u043e \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435, \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439. \u042d\u0442\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043d\u0435 \u043f\u0440\u043e \u00ab\u043c\u043e\u0434\u043d\u043e\u00bb, \u0430 \u043f\u0440\u043e \u00ab\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u00bb, \u043a\u043e\u0433\u0434\u0430 \u0431\u0438\u0437\u043d\u0435\u0441 \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0439 \u043c\u0438\u043a\u0440\u043e\u0441\u0435\u0440\u0432\u0438\u0441\u043d\u043e\u0439 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>\u0412\u043e\u0442 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435 \u2014 <strong>\u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0430 Istio<\/strong>, \u043f\u0440\u0438\u043c\u0435\u0440 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 <strong>mTLS<\/strong>, CRD-\u043c\u0430\u043d\u0438\u0444\u0435\u0441\u0442 \u0434\u043b\u044f <strong>\u0442\u0440\u0430\u0444\u0438\u043a-\u0441\u043f\u043b\u0438\u0442\u0430 (canary)<\/strong> \u0438 <strong>\u0441\u0440\u0430\u0432\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0442\u0430\u0431\u043b\u0438\u0446\u0430 Istio vs Linkerd<\/strong>. \u0412\u0441\u0451 \u0441\u0442\u0440\u043e\u0433\u043e, \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043c\u043e \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 Kubernetes-\u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430\u0445.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u0410\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0430 Istio (\u043e\u0431\u043e\u0431\u0449\u0451\u043d\u043d\u043e)<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>                     \u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n                     \u2502        Istio Control Plane \u2502\n                     \u2502  \u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510  \u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510  \u2502\n                     \u2502  \u2502 Pilot  \u2502  \u2502 Citadel   \u2502  \u2502\n                     \u2502  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518  \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518  \u2502\n                     \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u252c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n                              \u2502        \u2502\n \u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510    mTLS     \u25bc        \u25bc     mTLS   \u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n \u2502 Service A    \u2502\u25c4\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u25ba Envoy \u25c4\u2500\u25ba Envoy \u25c4\u2500\u2500\u2500\u2500\u2500\u2500\u25ba\u2502 Service B    \u2502\n \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518            Sidecar    Sidecar     \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n<\/code><\/div><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Envoy<\/strong> \u2014 sidecar-\u043f\u0440\u043e\u043a\u0441\u0438, \u0432\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0439 \u0432 \u043a\u0430\u0436\u0434\u044b\u0439 \u043f\u043e\u0434;<\/li>\n\n\n\n<li><strong>Pilot<\/strong> \u2014 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u044f, \u043f\u0440\u0430\u0432\u0438\u043b\u0430, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438;<\/li>\n\n\n\n<li><strong>Citadel<\/strong> \u2014 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430\u043c\u0438 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e (mTLS);<\/li>\n\n\n\n<li><strong>Galley \/ Telemetry \/ Mixer<\/strong> (\u0432 \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445) \u2014 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u044f \u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u041f\u0440\u0438\u043c\u0435\u0440: \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 mTLS \u043c\u0435\u0436\u0434\u0443 \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c\u0438<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">1. Enable strict mTLS namespace-wide<\/h4>\n\n\n\n<pre class=\"wp-block-code\"><div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>apiVersion: security.istio.io\/v1beta1\nkind: PeerAuthentication\nmetadata:\n  name: default\n  namespace: production\nspec:\n  mtls:\n    mode: STRICT\n<\/code><\/div><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">2. AuthorizationPolicy \u2014 \u043a\u0442\u043e \u0441 \u043a\u0435\u043c \u043c\u043e\u0436\u0435\u0442 \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c<\/h4>\n\n\n\n<pre class=\"wp-block-code\"><div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>apiVersion: security.istio.io\/v1beta1\nkind: AuthorizationPolicy\nmetadata:\n  name: allow-frontend-to-backend\n  namespace: production\nspec:\n  selector:\n    matchLabels:\n      app: backend\n  rules:\n    - from:\n        - source:\n            principals: &#91;\"cluster.local\/ns\/production\/sa\/frontend\"]\n<\/code><\/div><\/pre>\n\n\n\n<p>\u042d\u0442\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u0442\u0440\u0430\u0444\u0438\u043a \u043a <div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>backend<\/code><\/div> \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0442 <div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>frontend<\/code><\/div>.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Canary rollout \u0447\u0435\u0440\u0435\u0437 VirtualService (CRD Istio)<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>apiVersion: networking.istio.io\/v1beta1\nkind: VirtualService\nmetadata:\n  name: web-app\nspec:\n  hosts:\n    - web.example.com\n  http:\n    - route:\n        - destination:\n            host: web-app\n            subset: v1\n          weight: 90\n        - destination:\n            host: web-app\n            subset: v2\n          weight: 10\n<\/code><\/div><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>apiVersion: networking.istio.io\/v1beta1\nkind: DestinationRule\nmetadata:\n  name: web-app\nspec:\n  host: web-app\n  subsets:\n    - name: v1\n      labels:\n        version: v1\n    - name: v2\n      labels:\n        version: v2\n<\/code><\/div><\/pre>\n\n\n\n<p>\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0434\u044b <div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>web-app<\/code><\/div> \u0434\u043e\u043b\u0436\u043d\u044b \u0438\u043c\u0435\u0442\u044c \u043c\u0435\u0442\u043a\u0438 <div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>version: v1<\/code><\/div> \u0438 <div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>version: v2<\/code><\/div>.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\u0421\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u0435: Istio vs Linkerd<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u0425\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0441\u0442\u0438\u043a\u0430<\/th><th><strong>Istio<\/strong><\/th><th><strong>Linkerd<\/strong><\/th><\/tr><\/thead><tbody><tr><td>\u041f\u0440\u043e\u043a\u0441\u0438<\/td><td>Envoy (C++)<\/td><td>Rust-based (lightweight)<\/td><\/tr><tr><td>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430<\/td><td>\u0421\u043b\u043e\u0436\u043d\u0435\u0435, \u0431\u043e\u043b\u044c\u0448\u0435 CRD<\/td><td>\u0411\u044b\u0441\u0442\u0440\u043e \u0438 \u043f\u0440\u043e\u0441\u0442\u043e (<div class=\"code-block\"><button class=\"copy-btn\">\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c<\/button><code>linkerd install<\/code><\/div>)<\/td><\/tr><tr><td>mTLS<\/td><td>\u0414\u0430 (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445)<\/td><td>\u0414\u0430 (\u0432\u0441\u0435\u0433\u0434\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e)<\/td><\/tr><tr><td>Traffic splitting<\/td><td>\u0414\u0430 (\u0447\u0435\u0440\u0435\u0437 VirtualService)<\/td><td>\u0414\u0430 (\u0447\u0435\u0440\u0435\u0437 SMI \u0438\u043b\u0438 ServiceProfile)<\/td><\/tr><tr><td>Observability<\/td><td>Prometheus, Jaeger, Kiali<\/td><td>Prometheus, Grafana, Tap<\/td><\/tr><tr><td>\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c<\/td><td>\u0412\u044b\u0448\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430, \u0431\u043e\u043b\u044c\u0448\u0435 <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/latency\/\" data-internallinksmanager029f6b8e52c=\"323\" title=\"Latency (\u0412\u0440\u0435\u043c\u044f \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u044f)\">latency<\/a><\/td><td>\u041c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 overhead<\/td><\/tr><tr><td>\u0420\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u043c\u043e\u0441\u0442\u044c<\/td><td>\u0412\u044b\u0441\u043e\u043a\u0430\u044f (\u043f\u043b\u0430\u0433\u0438\u043d\u044b, WASM, <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/waf\/\" data-internallinksmanager029f6b8e52c=\"305\" title=\"WAF (Web Application Firewall)\">WAF<\/a>)<\/td><td>\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0430, \u043d\u043e \u043f\u0440\u043e\u0441\u0442\u0430\u044f<\/td><\/tr><tr><td>Production-ready<\/td><td>\u0414\u0430 (\u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f)<\/td><td>\u0414\u0430 (\u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0434\u043b\u044f \u043b\u0451\u0433\u043a\u0438\u0445 \u0441\u0440\u0435\u0434)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><\/p>\n","protected":false},"featured_media":0,"parent":2927,"menu_order":168,"comment_status":"open","ping_status":"closed","template":"","doc_tag":[],"class_list":["post-4080","docs","type-docs","status-publish","hentry"],"comment_count":0,"_links":{"self":[{"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4080","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/types\/docs"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/comments?post=4080"}],"version-history":[{"count":1,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4080\/revisions"}],"predecessor-version":[{"id":4083,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4080\/revisions\/4083"}],"up":[{"embeddable":true,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/2927"}],"next":[{"title":"Blue-Green Deployment (\u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439)","link":"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/blue-green-deployment\/","href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4092"}],"prev":[{"title":"Redundancy (\u0418\u0437\u0431\u044b\u0442\u043e\u0447\u043d\u043e\u0441\u0442\u044c \u0432 \u0418\u0422-\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435)","link":"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/redundancy\/","href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4058"}],"wp:attachment":[{"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/media?parent=4080"}],"wp:term":[{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/doc_tag?post=4080"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}