Stats

Actions

Tags

Help us improve

Share bugs, ideas, or general feedback.

service-mesh-patterns | system-design

Skill

service-mesh-patterns

From system-design

Implement service mesh patterns for observability, resilience, and traffic management. Use when managing complex microservices communication at scale.

$

npx claudepluginhub sethdford/claude-skills --plugin architect-system-design

Popularity

Parent stars

13

Parent forks

2

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/system-design:service-mesh-patterns

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Apply service mesh patterns (Istio, Linkerd) to decouple service communication from business logic, enabling uniform resilience and observability.

SKILL.md

51 lines · ~763 tokens

Similar Skills

service-mesh-expert

37.9k

Architects service meshes using Istio and Linkerd for Kubernetes, covering traffic management, mTLS security, observability, multi-cluster federation, and canary deployments.

antigravity-awesome-skills

configuring-service-meshes

2.2k

Configures Istio, Linkerd, and Consul Connect for Kubernetes microservices. Generates mTLS, traffic routing, resilience policies, and observability configs.

11 files6 tools

service-mesh-configurator

setup-service-mesh

15

Deploys and configures Istio or Linkerd service mesh in Kubernetes for secure mTLS communication, traffic management, observability, circuit breaking, and policy enforcement. Use for microservices needing canary deployments or service-level observability.

1 file1 tool

Stats

Parent stars13

Parent forks2

MaintenanceFair

Last CommitMar 11, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Service Mesh Patterns

Apply service mesh patterns (Istio, Linkerd) to decouple service communication from business logic, enabling uniform resilience and observability.

Context

You are designing service mesh infrastructure for microservices. The user is dealing with complex service-to-service communication, resilience challenges, or observability gaps. Read their current infrastructure.

Domain Context

Based on Istio/Linkerd reference implementations and distributed systems research:

Sidecar Proxy: Per-service proxy handling network concerns (retries, circuit breaking, auth)
Control Plane: Centralized configuration of routing, security, observability
Mutual TLS: Encrypted, authenticated service-to-service communication by default
Traffic Management: Canary deployments, retries, timeouts, load balancing
Observability: Distributed tracing, metrics collection, access logs

Instructions

Assess Mesh Necessity: Service mesh adds complexity. Evaluate: are you managing >10 services? Do you need fine-grained traffic control? Do you have mTLS requirements? If yes to 2+, mesh may help.
Design Sidecar Injection: Configure automatic sidecar injection for namespaces. Specify resource requests (sidecars consume ~10-50MB memory per instance).
Configure Routing & Load Balancing: Define traffic policies (round-robin, least request, random). For canary deployments, specify traffic split (90% stable, 10% canary).
Implement Resilience Policies: For each service-to-service communication, specify:
- Retry policy (max 3 attempts, backoff)
- Timeout (2s)
- Circuit breaker (fail if error rate > 50%)
Enable Observability: Configure telemetry collection. Send metrics to Prometheus, traces to Jaeger. Define dashboards for request latency, error rate, saturation.

Anti-Patterns

Mesh Without Observability: Adds sidecar proxies but no metrics/tracing. Result: can't debug why requests fail. Guard: Require metrics and tracing before deploying mesh.
Mesh for Small Scale: Added 10 sidecars and control plane for 5 services. Result: complexity exceeds benefit. Guard: Mesh ROI positive at >10 services.
Ignoring Sidecar Overhead: Assumes no performance impact. Result: latency increase and memory bloat. Guard: Measure p95 latency before/after mesh; set acceptable overhead budget.
mTLS Everywhere Immediately: Breaks debugging and testing. Result: developers can't test locally without mesh. Guard: Enable mTLS gradually; provide options to bypass for dev.

Further Reading

Istio in Action by Christian Posta and Burr Sutter — practical service mesh implementation
Designing Microservices Platforms — service mesh operational patterns
Linkerd Documentation — lightweight mesh alternative to Istio