Service Mesh (Istio/Linkerd): Handling East-West traffic
Service Mesh & East-West Traffic
Traffic from a user to your app is "North-South." Traffic *between* your internal services is East-West. As you grow to 100+ services, managing internal security and retries becomes impossible without a Service Mesh.
1. The "Sidecar" Proxy
A tool like **Istio** injects a tiny proxy (Envoy) next to every service. All network calls go through this proxy, and the service doesn't even know the mesh exists. Pros: automatic mutual TLS (encryption and authentication between services), retries, and circuit breaking between internal services.
2. Observability
The Service Mesh tracks every single internal call. It can generate a "Service Map" showing you exactly which services are talking to each other and where the latency bottlenecks are. It provides **Distributed Tracing** for free.
4. Interview Mastery
Q: "What is mTLS and why does the Service Mesh use it?"
Architect Answer: "mTLS stands for **Mutual TLS**. Normally, only the client verifies the server. In mTLS, the server *also* verifies the client. The Service Mesh automatically manages certificates for every microservice. This ensures that even if a hacker breaches your network, they can't 'Sniff' internal traffic because every internal call is encrypted and authenticated."
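Whether every internal call is actually mutually authenticated depends on the mesh's enforcement mode: in Istio, a sidecar whose effective PeerAuthentication mode is PERMISSIVE or DISABLE still accepts plaintext. The check below is an added example, not code from this tutorial or from Istio; it resolves the effective mode per workload (workload-specific, then namespace-wide, then mesh-wide policy) over constructed sample data. Assumptions: the root namespace is `istio-system`, there is at most one policy per scope, and port-level overrides are ignored.

```python
import json

ROOT_NS = "istio-system"  # assumed root namespace (Istio's default)

# Constructed sample, shaped like `kubectl get peerauthentication -A -o json`
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"name": "default", "namespace": "istio-system"},
   "spec": {"mtls": {"mode": "STRICT"}}},
  {"metadata": {"name": "default", "namespace": "legacy"},
   "spec": {"mtls": {"mode": "PERMISSIVE"}}},
  {"metadata": {"name": "metrics", "namespace": "shop"},
   "spec": {"selector": {"matchLabels": {"app": "exporter"}},
            "mtls": {"mode": "DISABLE"}}}
]}
""")

# Constructed workloads: (namespace, pod labels)
WORKLOADS = [("shop", {"app": "orders"}), ("shop", {"app": "exporter"}),
             ("legacy", {"app": "billing"})]

def _mode(policy):
    """Return the policy's mTLS mode, or None when it is UNSET (inherit)."""
    mode = policy.get("spec", {}).get("mtls", {}).get("mode", "UNSET")
    return None if mode == "UNSET" else mode

def effective_mode(policies, namespace, labels):
    """Narrowest policy wins: workload > namespace > mesh; none means PERMISSIVE."""
    workload = ns_wide = mesh = None
    for p in policies:
        p_ns = p["metadata"]["namespace"]
        selector = p.get("spec", {}).get("selector", {}).get("matchLabels")
        if selector:  # workload-specific: same namespace and labels must match
            if p_ns == namespace and selector.items() <= labels.items():
                workload = workload or _mode(p)
        elif p_ns == namespace:
            ns_wide = ns_wide or _mode(p)
        elif p_ns == ROOT_NS:
            mesh = mesh or _mode(p)
    return workload or ns_wide or mesh or "PERMISSIVE"

def plaintext_reachable(policies, workloads):
    """Workloads whose sidecar still accepts non-mTLS connections."""
    return [(ns, labels) for ns, labels in workloads
            if effective_mode(policies, ns, labels) != "STRICT"]

if __name__ == "__main__":
    for ns, labels in plaintext_reachable(SAMPLE["items"], WORKLOADS):
        print(f"{ns}/{labels}: {effective_mode(SAMPLE['items'], ns, labels)}")
```

In the sample, the mesh-wide STRICT policy covers `shop/orders`, while the namespace override in `legacy` and the workload override on the exporter are reported as still reachable over plaintext.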