- Kubernetes is an orchestration tool used to manage numerous nodes, each consisting of one or more containers, file systems, and other components
- io and Google are major contributors to Istio, an open-source service mesh layer to connect, monitor and secure containers in Kubernetes clusters.
Solo.io Inc, a leader in cloud-native application networking, announced that it has collaborated with Google LLC to advance the Istio service mesh, an open-source project.
Istio Ambient Mesh, the next evolution, promises improved portability, safety, and speed for cloud-native programs. Solo.io and Google are major contributors to Istio, an open-source service mesh layer to connect, monitor and secure containers in Kubernetes clusters.
Kubernetes is an orchestration tool used to manage numerous nodes, each consisting of one or more containers, file systems, and other components. Containers are used to host the components of modern applications. There could be dozens of nodes in a microservices design, each standing in for different app features and functionality. These nodes’ availability and resource utilization are managed by Kubernetes, which adds pods with an increase in demand. Istio injects additional containers into the pod to offer security, management, and monitoring.
According to Solo.io, the Istio community has encountered various problems as their applications have matured. Some issues include not being able to improve the performance of apps that use a service mesh, decreasing the compute and memory overheads needed to run it, and simplifying the continuing operations of service meshes.
It’s also become evident that some applications, which do not need the full features offered by Istio, need a more versatile solution. The company also noted that it has been challenging to enable multitenancy for apps utilizing Istio.
To address these issues, Istio has developed Ambient Mesh. This framework offers a more adaptable architectural option. Until now, Istio’s focus has been on a “sidecar” model that provides the highest levels of both security and observability. Solo.io has now realized that a “sidecar-less” design may be preferable for some users since it will allow them to pick and choose which of Istio’s features they wish to use in their apps.
Keeping this in mind, Istio Ambient Mesh supports a “sidecar-less” architecture approach that relocates proxy functionality from the pod level to the node level to increase overall application performance with finer-grained configuration capabilities. According to Solo.io, this option will help users reduce their compute and memory overheads by 10 to 20 times.
An additional perk is that it’s much simpler to integrate new applications and system upgrades into an existing service mesh, making the entire process more transparent for users and increasing efficiency. Istio Ambient Mesh introduces a novel, configurable security feature known as the policy enforcement point.
According to Idit Levine, CEO and co-founder of Solo.io, Istio Ambient Mesh gives businesses using Istio a new level of flexibility, allowing them to improve performance, ease operations, and reduce costs.
Levine said, “Our work on the Istio Steering Committee and Istio Technical Oversight Committee has placed us in the unique position to chart the course of Istio.” She added, “We have customers running 30 billion transactions a day — and the number, scope, and scale of these workloads are always increasing. Istio Ambient Mesh allows companies to adjust for cost, observability, and performance based on their individual application needs — this is a market first and a ‘must-have’ for modern enterprises.”
Constellation Research Inc.’s Holger Mueller noted that Solo.io has been rapidly advancing Istio and has not stopped re-examining sacred design principles like the sidecar idea. “The result of this is that Istio’s services and capabilities have been moved closer to the container or application core, and it’s a move that has both pros and cons,” he noted. But it’s encouraging to see Istio users now have more options. As a result, executives anticipate performance, scalability, and cost improvements. The future has the answer.
Initial users are very pleased with the update. According to Joe Searcy, a member of T-Mobile USA Inc.’s technical department, the biggest enemy of service mesh adoption has always been the complexity involved. Considering this update, he is delighted with how Solo.io is streamlining the process.
Despite efforts to reduce complexity from initiatives like Istio, “the resource and operational overhead to operate service mesh for a large company have continued to make adoption onerous,” Searcy added. “I am quite excited about the possibilities that Ambient Mesh offers. Sign me up! There’s better application visibility, fewer moving parts, easier invocation, and the potential to save a tonne of money on computing power and man-hours of technical work.”
Istio Ambient Mesh can also be accessed as a part of the open-source Istio project. It’s available in beta too as a tech preview within Gloo Mesh, Solo.io’s commercial, managed version of Istio. It’s expected to become generally available later this year with the upcoming Solo.io Gloo Mesh 2.1 release.