Service Mesh Traffic Shifting: VPC Lattice, Istio on EKS, and App Mesh EOL

DevOps & CI/CD Jun 12, 2026 Palaniappan P 1 min read

Quick summary: App Mesh is legacy path—new meshes should start with VPC Lattice for AWS-native east-west or Istio on EKS when you need full L7 policy. Traffic shifting without duplicating load balancers per service.

Key Takeaways

App Mesh is legacy path—new meshes should start with VPC Lattice for AWS-native east-west or Istio on EKS when you need full L7 policy
Service discovery Cloud Map + DNS for ECS; CoreDNS for EKS; Lattice provides named services without Consul cluster ops
What to do this week 1
2
Pilot 5% canary with weighted targets on non-critical API

Table of Contents

AWS App Mesh is in maintenance/EOL trajectory—June 2026 greenfield should evaluate VPC Lattice (service network across VPCs/accounts) and Istio on EKS for Kubernetes-native canary (flagger, Argo Rollouts).

Traffic shifting patterns

Tool	Shift mechanism
ECS/CodeDeploy	Target group weights
EKS + Istio	VirtualService weights
VPC Lattice	Listener rules + target groups
ECS Service Connect	Simpler east-west for ECS-only

Sidecar limitations: CPU/memory tax per pod—measure before meshing 200 microservices.

Service discovery

Cloud Map + DNS for ECS; CoreDNS for EKS; Lattice provides named services without Consul cluster ops.

What to do this week

Inventory App Mesh usage—plan Lattice or Istio migration.
Pilot 5% canary with weighted targets on non-critical API.
Compare p99 latency with/without sidecar on same node pool.

What this guide doesn’t cover

Container seccomp—part 4 of track.

Palaniappan P

AWS Cloud Architect & AI Expert

AWS-certified cloud architect and AI expert with deep expertise in cloud migrations, cost optimization, and generative AI on AWS.

AWS ArchitectureCloud MigrationGenAI on AWSCost OptimizationDevOps

Article Info

Updated this month

DevOps & CI/CD
Jun 12, 2026
1 min read
Palaniappan P

**AWS App Mesh** is in maintenance/EOL trajectory—**June 2026** greenfield should evaluate **VPC Lattice** (service network across VPCs/accounts) and **Istio on EKS** for Kubernetes-native canary (flagger, Argo Rollouts).

## Traffic shifting patterns

| Tool                | Shift mechanism                |
| ------------------- | ------------------------------ |
| ECS/CodeDeploy      | Target group weights           |
| EKS + Istio         | VirtualService weights         |
| VPC Lattice         | Listener rules + target groups |
| ECS Service Connect | Simpler east-west for ECS-only |

**Sidecar limitations:** CPU/memory tax per pod—measure before meshing 200 microservices.

## Service discovery

**Cloud Map** + DNS for ECS; **CoreDNS** for EKS; Lattice provides **named services** without Consul cluster ops.

## What to do this week

1. Inventory App Mesh usage—plan Lattice or Istio migration.
2. Pilot 5% canary with weighted targets on non-critical API.
3. Compare p99 latency with/without sidecar on same node pool.

## What this guide doesn't cover

Container seccomp—part 4 of track.

Ask AI

ChatGPT Claude Perplexity Gemini

Need AWS Help?

Our certified AWS architects can help you implement the solutions discussed in this article.

Talk to an AWS Expert

Recommended Reading

Explore All Articles »

Container Runtime Security: seccomp, AppArmor, and EKS Pod Security

DevOps & CI/CD

Jun 12, 2026 1 min

Container Runtime Security: seccomp, AppArmor, and EKS Pod Security

Default Docker seccomp is not enough for regulated workloads. EKS Pod Security Standards, seccomp profiles, and Fargate platform version constraints.

Kubernetes Pod Disruption Budgets on EKS: Zero-Downtime Upgrades

DevOps & CI/CD

Jun 12, 2026 1 min

Kubernetes Pod Disruption Budgets on EKS: Zero-Downtime Upgrades

Cluster upgrades and Karpenter consolidation look healthy in the console while PDB-blocked evictions freeze your node drain for 45 minutes. This guide wires minAvailable, maxUnavailable, and EKS managed node group semantics.

Blue/Green vs Canary on AWS (2026): ECS, Lambda, and When Rolling Is Enough

DevOps & CI/CD

May 29, 2026 4 min

Blue/Green vs Canary on AWS (2026): ECS, Lambda, and When Rolling Is Enough

ECS CodeDeploy and Lambda aliases support both instant cutover and gradual shifts—but picking wrong costs you double Fargate spend or 21-day MTTR on muted alarms. This decision guide scores blue/green, canary, and rolling with a matrix and names App Mesh (EOL Sept 30, 2026) replacements.

How to Deploy EKS with Karpenter for Cost-Optimized Autoscaling

Cloud Architecture

Apr 3, 2026 9 min

How to Deploy EKS with Karpenter for Cost-Optimized Autoscaling

Karpenter replaces Kubernetes Cluster Autoscaler with intelligent bin-packing and just-in-time node provisioning. This guide covers setup, consolidation, cost optimization, and production patterns for EKS clusters.

AI & assistant-friendly summary

Summary

Key Facts

Entity Definitions

Related Content

Traffic shifting patterns

Service discovery

What to do this week

What this guide doesn’t cover

Recommended Reading

Container Runtime Security: seccomp, AppArmor, and EKS Pod Security

Kubernetes Pod Disruption Budgets on EKS: Zero-Downtime Upgrades

Blue/Green vs Canary on AWS (2026): ECS, Lambda, and When Rolling Is Enough

How to Deploy EKS with Karpenter for Cost-Optimized Autoscaling