Ingress Gateway for Containers

Avi’s ingress gateway for containers provides secure and reliable access from external users to Kubernetes clusters, in on-premises data centers or public clouds such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform.

Avi Networks’ flagship Avi Vantage software-defined platform features a decoupled control plane and proxy-based data plane that preceded and anticipated the formal emergence of open source service meshes such as Istio.

“Vendors Stake Out Positions in Emerging Istio Service Mesh Landscape”

Brad Casemore
Research Vice President | IDC

Multi-Cluster Traffic Management for Kubernetes

Avi Vantage architecture has a decoupled control plane (Avi Controller) and data plane proxies (Avi Service Engines). Avi Controller integrates with Kubernetes controller via open APIs to coordinate policies across Envoy proxies for east-west traffic management within Kubernetes clusters. Avi Service Engines can be deployed to load balance the ingress (north-south) traffic between external users and the clusters. They can also be deployed as secure inter-cluster gateways between the clusters, which can be across data centers and public clouds.

Applications deployed in Kubernetes environments need both east-west as well as north-south traffic management services. The open source Istio service mesh provides the east-west traffic management capabilities in Kubernetes through the distributed Envoy sidecar proxies. However, Istio doesn’t address the need for enterprise-grade  Kubernetes ingress into the container cluster or the gateway services required to bridge multi-cluster environments. Enterprises need elastic, enterprise-grade load balancing for ingress into the container cluster and to manage ingress resources.

Traditional load balancing appliances lack the automation or the elasticity to provide these ingress services and open source load balancers are not feature-complete to offer full application services. Avi’s distributed architecture is a great fit for enterprises looking to deliver external access to the container cluster or those looking for an ingress controller to deploy multiple container clusters with connectivity between them.

Features needed in an ingress gateway for containers to access the clusters in Kubernetes environments: