Solo.io: Istio Is Winning the Service Mesh War
The open source Istio has emerged as the “dominant” service mesh to manage Kubernetes environments and microservices, solo.io executives say.
Gloo Edge 2.0, to be released in beta in the middle of the year is the “first and the only” Istio-native API gateway with all of Istio’s native functionality, Posta said. The ingress controller will integrate Istio to form a single control plane, for example.
#SoloCon2021 @christianposta’s keynote: “https://t.co/VKAxWqk5KJ is fully committed to Istio. We see it as the dominant service mesh—it’s the one that’s most deployed to production and the most mature. #Istio #Gloo @christianposta @soloio_inc @thenewstack #sponsored pic.twitter.com/ULcSwB4gUe
— BC Gain (@bcamerongain) March 24, 2021
Solo.io’s proclamation also coincides with a number of new improvements for solo.io’s Gloo Mesh and Gloo Edge platforms announced the new capabilities feature, among other things, an even tighter integration between Istio and Gloo Mesh and Gloo Edge.
Posta’s claim that Istio is the “dominant” service mesh for microservices is largely based on Cloud Native Computing Foundation (CNCF) survey results.
#SoloCon2021 @christianposta’s keynote: Gloo Edge 2.0 is the “first and the only” Istio-native API gateway with all of Istio’s native functionality. #Istio #Gloo @soloio_inc @thenewstack #sponsored pic.twitter.com/pImweZjMkL
— BC Gain (@bcamerongain) March 24, 2021
Based on a CNCF cloud native survey for 2020 of over 1,000 responses, Lin Sun, an Istio technical oversight committee member whom solo.io recently hired as director of open source, showed during her keynote Wednesday how over 40% of users who have service mesh in production are Istio users.
More precisely, a CNCF’s survey for 2020 showed how 47% of all organizations with service mesh in production use Istio, followed by Linkerd and Consul, both with respective market shares of 41% (an organization can be using more than one mesh).
Key #Istio stats: Data based on a CNCF cloud native survey for 2020 of over 1,000 responses showed over 40 percent of the organizations surveyed using service mesh rely on Istio, which “is clearly leading the way,” @linsun_unc says. @thenewstack #SoloCon2021 #sponsored pic.twitter.com/eOjFHssENe
— BC Gain (@bcamerongain) March 24, 2021
Istio “is clearly leading the way,” Sun argued.
Sun said Istio improvements in 2020 include how the control plane components have been simplified so there are multiple components in a single control plane, called “Istiod” (Istio daemon). “This really drastically simplify the operation, installation and configuration of Istio,” she said.
Key #Istio stats: Data based on a CNCF cloud native survey for 2020 of over 1,000 responses showed over 40 percent of the organizations surveyed using service mesh rely on Istio, which “is clearly leading the way,” @linsun_unc says. @thenewstack #SoloCon2021 #sponsored pic.twitter.com/eOjFHssENe
— BC Gain (@bcamerongain) March 24, 2021
Additionally, the need for mixer components has been removed previously required to run Istio, Sun said. “Many of us had performance concerns, since they had to disable telemetry because of the mixer. So the community introduced ‘mixer-less telemetry.’”
Gigi Jackson, an SRE at Zymergen: The Istio service mesh design allows you to build an application networking layer to “make service-to-service communication, secure, reliable and observable,” so DevOps can focus on business logic. @thenewstack #SoloCon2021 #sponsored @soloio_inc pic.twitter.com/UWa2ydA9GA
— BC Gain (@bcamerongain) March 24, 2021
During Wednesday’s keynote, Gigi Jackson, a site reliability engineer at Zymergen, a self-described “biofacturer,” described how her organization uses Gloo Mesh and Istio’s service mesh design pattern to “solve common problems,” associated with managing sidecar proxies, for example. She said Istio allows application networking layers to benefit from “service-to-service communication” across multiple clusters in such a way that is “secure, reliable and observable, so that service owners can focus on business logic.”
During his SoloCon talk “Istio and Gloo Mesh Security Model,” Lawrence Gadban, a field engineer for Istio, discussed the security capabilities Isto and Gloo Mesh offer. He noted how the release of Istio 1.9, for example, introduced a new “custom action” concept. This functionality offers users custom logic control rather than “just either allow or deny” decisions, Gadban said.
“That’s very powerful and will open the door for some more advanced tooling on top of Istio,” Gadban said.
Access and authorization policies can be applied to traffic from source to destination workloads. Gadban noted how Gloo Mesh allows the user to create complex access rules for the cluster topology, in addition to the service namespace topology.
“You can see how this allows you to compose very complex rules that express complex security requirements, because you are operating in a multicluster world,” Gadban said.
