Istio Integrated Service Mesh
for Containers

We have seen a rapid shift from monolithic applications to distributed microservices, where applications are broken down into individual services, each of which can be independently built, deployed and managed. The CI/CD and DevOps methodologies have been adopted by application-centric enterprises. However, application services for microservices connectivity, service discovery, and security are weighed down by the complexity and inflexibility of traditional ADC hardware appliances. On the other hand, many open source tools lack the enterprise-grade features to support production deployments.

Expand Istio Service Mesh Capabilities Beyond Containers

Avi’s Universal Service Mesh integrates with Istio Service Mesh to provide comprehensive application services from traffic management and security to observability and performance management in a single platform. This eliminates the need for application teams to integrate multiple point products to deploy services to applications. The integration with Istio extends the Istio service mesh beyond containers in Kubernetes or OpenShift to bare metal servers and virtual machines, across on-premises data centers and multi-cluster, multi-cloud, and multi-region environments.

The Universal Service Mesh offers consistent enterprise-grade features for both traditional and cloud-native applications, making communication between microservices reliable and fast. It also provides granular traffic management, failure recovery, security (encryption, authorization and authentication), and observability including tracing, logging and monitoring. The architecture uses a centrally-managed, extended fabric of sidecar proxies, each of which is associated with a computing workload such as a container or virtual machine, creating a single service mesh.

Avi Networks’ flagship Avi Vantage software-defined platform features a decoupled control plane and proxy-based data plane that preceded and anticipated the formal emergence of open source service meshes such as Istio.

Brad Casemore
Vice President | IDC Research
Source: Vendors Stake Out Positions in Emerging Istio Service Mesh Landscape

Avi Networks set out to deliver an enterprise-class service mesh for both traditional and containerized applications. With the Istio integration, Avi sees developers benefiting from the support for granular CI/CD, circuit breakers, error injection, and rate limiters. For operators, Avi provides metrics, application mapping, API tracing, and request logging. This is all in addition to Istio’s ability to elastically and securely scale to support cloud-native environments. For security, Avi is bringing enterprise-grade features to production environments.

Full Service Lifecycle Management with
Istio Integrated Service Mesh

Beyond the ingress gateway which is needed for north-south traffic management, Avi provides a single application service fabric – Universal Service Mesh – integrated with Istio for east-west local and global traffic management on bare metal servers, virtual machines, and containers in multi-cluster, multi-region and multi-cloud environments. It makes sure it completes the service lifecycle of microservices to secure, discover, scale and monitor applications.


Secure
  • Encryption with high-performance SSL/TLS termination
  • Per app, centralized security policy management
  • Distributed application firewall to mitigate DDoS
Discover
  • Automated service discovery visualized in a dynamic application map
  • Integrated domain name (DNS) /IP address management (IPAM) / DHCP services
Scale
  • Consistent experience in multi-cluster and multi-cloud environments
  • Agility through rapid deployment and full lifecycle automation
  • CI/CD pipeline integration with blue/green and canary deployment
Monitor
  • Real-time telemetries for network and application performance monitoring
  • Application insights with actionable analytics based on machine learning