Status: Accepted
Date: 2026-01-25
Need for secure communication between microservices and traffic observability.
Adopt Istio as Service Mesh with mTLS STRICT by default.
- Automatic mTLS between all services (zero-trust)
- Native traffic observability (Grafana integration)
- Resilience policies (retry, timeout, circuit breaker) via configuration
- Maturity and active community
- Sidecar overhead in each pod (~50MB memory, ~50m CPU)
- Additional complexity in troubleshooting
- Need for team training