Service mesh injection¶

Service mesh injection is the process of automatically configuring pods within a Kubernetes Namespace to include the sidecar proxies required for a Service mesh.^[400-devops-07-monitoring-and-observability-istio.md]

Mechanism¶

The injection mechanism typically relies on labeling a specific namespace.^[400-devops-07-monitoring-and-observability-istio.md] When the appropriate label is applied, the Service mesh's control plane automatically intercepts Pod creation requests and injects the necessary proxy containers (such as Envoy) into the Pod spec.

Configuration¶

To enable automatic injection for the default namespace in a cluster, the following command can be used^[400-devops-07-monitoring-and-observability-istio.md]:

[kubectl](<./kubectl.md>) label namespace default istio-injection=enabled --overwrite

Setting istio-injection to enabled signals to the mesh injector that all new pods in this namespace should be augmented with the mesh data plane components.

Related Concepts¶

• Istio
• [[Sidecar pattern]]
• Service Mesh

Sources¶

• 400-devops-07-monitoring-and-observability-istio.md