Envoy, Istio

Non-mesh traffic unnecessarily consumes sidecar CPU

info
configuration
Updated Feb 24, 2026 (via Exa)
How to detect:

Database connections and other traffic that does not require mesh features (mTLS, retries, observability) are still proxied through the sidecar, which spends CPU on connection management, protocol parsing, and telemetry without providing value. Common database ports such as PostgreSQL 5432, Redis 6379, and Elasticsearch 9200 are typical culprits.

Recommended action:

Exclude database and other non-mesh ports with the traffic.sidecar.istio.io/excludeOutboundPorts annotation on the Deployment. Add ports such as '5432,6379,9200' for PostgreSQL, Redis, and Elasticsearch. Also use excludeInboundPorts for ports such as 15090 (Prometheus scrape). Connections on these ports bypass the sidecar entirely.
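
A Deployment carrying both annotations, as an added example that is not part of the original page. The workload name, labels, image and container port are constructed placeholders; the annotation keys and port values are the ones named above.

```yaml
# Constructed example: name, labels, image and containerPort are placeholders.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: orders-api                # hypothetical workload
spec:
  replicas: 2
  selector:
    matchLabels:
      app: orders-api
  template:
    metadata:
      labels:
        app: orders-api
      annotations:
        # These belong on the pod template. Sidecar injection reads pod
        # annotations, so the same keys under the Deployment's top-level
        # metadata.annotations have no effect.
        # Values are comma-separated strings; keep them quoted so a single
        # port is not parsed as a YAML integer.
        #
        # Outbound connections to these destination ports skip Envoy
        # (PostgreSQL, Redis, Elasticsearch).
        traffic.sidecar.istio.io/excludeOutboundPorts: "5432,6379,9200"
        # Inbound connections to this port skip Envoy (Prometheus scrape).
        traffic.sidecar.istio.io/excludeInboundPorts: "15090"
    spec:
      containers:
        - name: app
          image: registry.example.com/orders-api:1.0.0   # placeholder image
          ports:
            - containerPort: 8080
```

The outbound exclusion matches on destination port only, so any connection the pod opens to 5432, 6379 or 9200 leaves without Istio mTLS, AuthorizationPolicy enforcement or sidecar telemetry, whatever host it targets. Rely on the datastore's own TLS and authentication for those connections, and use a Kubernetes NetworkPolicy to limit which destinations the pod can reach on those ports.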