Istio Service Mesh Traffic Flow
How Frontend Communicates with Backend Through Envoy Sidecars
STEP 1
STEP 2
STEP 3
STEP 4
STEP 5
Frontend Pod
⚡
Frontend App
Container
localhost:8080
HTTP Request
Intercepts
⎈
Envoy Proxy
Istio Sidecar
📤 Outbound: Port 15001
Traffic Management | Load Balancing
mTLS | Retries | Circuit Breaking
Backend Pod
⎈
Envoy Proxy
Istio Sidecar
📥 Inbound: Port 15006
Auth | Validate | Decrypt
Policy Enforcement | Observability
Forwards
⚙️
Backend App
Container
localhost:8080
Processes Request
🔐
mTLS Encrypted
Service Mesh Communication
Secure • Authenticated • Observable
①
Request Initiated
Frontend app sends
HTTP request to backend
GET / HTTP/1.1
②
Outbound Intercept
Envoy sidecar intercepts
at port 15001
:15001 (outbound)
③
Secure Transit
mTLS encrypted traffic
through service mesh
TLS 1.3 + mTLS
④
Inbound Process
Validate, decrypt &
forward to backend
:15006 (inbound)
⑤
Response Returns
Same secure path
back to frontend
HTTP 200 OK