Today, Avi Networks announced plans to integrate with Istio to create a Universal Service Mesh that spans traditional and containerized applications on cloud, VM, and bare-metal infrastructure.
A service mesh provides networking, traffic management, security, and observability to container-based applications and microservices. And we at Avi Networks believe it is the future of application delivery with the potential to reshape the nearly $12B market for application services (load balancing, security, and monitoring).
By integrating Avi Networks and Istio, we are able to deliver enhanced, full-featured ingress and gateway services to Istio to facilitate secure connectivity for Kubernetes applications across multiple clusters, regions, or clouds. These include L4-L7 traffic management, security including WAF, and observability. Here is a 2 minute overview of the integration.
The other benefit to this integration with Istio is that we will be able to extend service mesh features beyond containers to applications running on bare metal or virtual machines. Avi’s integration with Istio enables customers to deploy a single service mesh across all of their applications—traditional and containerized—both on-prem and in public clouds. Our CTO and Co-Founder, Ranga Rajagopalan, provides a walkthrough for the Universal Service Mesh.
Avi’s Universal Service Mesh builds on Avi Vantage’s existing container services for Kubernetes and OpenShift, which include north-south (ingress) load balancing, global server load balancing (GSLB), web application firewall (WAF), and east-west traffic management across multi-cluster, multi-region, and multi-cloud environments. The integration of Istio enhances Avi’s capabilities with identity-based security, real-time application monitoring, and enterprise-grade authentication and authorization.
Features of Avi’s Universal Service Mesh include:
- Multi-Cloud: A single service mesh for clusters across on-premises data centers and public clouds
- Multi-Infrastructure: Extended for both traditional and cloud-native applications deployed in virtual machines and bare metal servers in addition to containers
- Multi-Cluster: Inter/intra-cluster traffic management and secure gateways
- Multi-Region: GSLB for multiple regions and geo-aware load balancing
- Traffic Routing
- Ingress gateway with integrated IPAM/DNS, deny list/accept list and rate limiting
- L4-7 load balancing with SSL/TLS offload
- Automated service discovery and application map
- Zero-trust security model and encryption
- Distributed WAF for application security and DDoS
- Single sign-on (SSO) integration
- Real-time application performance monitoring and tracing
- Big data driven connection log analytics
- Machine learning-based insights and app health analytics
The Universal Service Mesh will be available in multiple phases starting Q1 2019, with phase one including Istio integrated ingress and gateway services for Kubernetes. The Universal Service Mesh can be deployed as SaaS or customer managed.
To learn more, please view for our webinar:
You can also learn more by visiting the Universal Service Mesh product page.