2022 has been a busy and exciting year for the Service Mesh industry, and, likewise, for us here at Tetrate. In this post, we’ll take you through what we Tetrands have been up to, what that’s meant for our product, and what we’ve seen in the wider community.
Leading enterprises have traffic security and observability at the top of their app-modernization strategies. 2022 was the year when the value of Service Meshes began to be understood – as the best way to achieve these needs, even in complex and regulated environments.
But adoption is just the start; folks need to be empowered to be successful. When we talk about user success, we often talk about the “three Ps” – Product, People, and Partnerships. These are all vital, and with open-source projects like Istio, Envoy, and more, we’ll add a C: Community.
Community
Let’s look at the community first. Istio followed its now-established cadence of quarterly releases, from 1.13 in February to 1.16 in November. These have brought many exciting features like WASM extensibility and support for the Gateway API, a step on the path to Istio becoming a fully-fledged API Gateway. Istio was also donated to the CNCF, joining the ranks of Kubernetes, Helm, Prometheus, and many more cornerstone Cloud-Native projects.
Tetrate has been at the forefront of helping folks adopt sophisticated Service Mesh deployments in complex and often highly-regulated environments. Our Tetrate Academy saw over 5,000 enrollments in 2022, with people taking courses and certifications like Istio Fundamentals, Istio 0-60, and Certified Istio Administrator. In addition to on-line self-serve sessions, we’ve taken it on the road too, from San Francisco to Shanghai. We also created and donated the official Linux Foundation Introduction to Istio course.
Product
2022 is also a year where we made significant strides towards a universal application connectivity platform powered by service mesh. Applications now live on-premises and across at least one (often multiple!) cloud. Platform engineering, app owners, and security teams are all struggling with the complexity of managing traffic, enforcing zero-trust security, and guaranteeing resilience. These are needed in increasingly dynamic environments that consist of containers, VMs, and bare metal. Traditional ways of configuring firewalls and network rules no longer scale for these teams.
Our flagship product, Tetrate Service Bridge (TSB), is used by these teams to modernize apps faster, manage traffic across clouds and on-prem more easily, and ensure the security and resilience of their businesses across dynamic environments. We’ve made two major TSB releases that revolutionize how these teams use service mesh to capture business value.
The Golden Gate release brought new security and management paradigms to service mesh deployments:
- Role-based platform access — advanced IAM so platform, developer, and security folks can easily be onboarded, and presented with the right tools for their role.
- Secure app segmentation — our workspaces feature allows platform teams to define granular access to clusters. This allows platform teams to give just the right amount of configuration power to app teams, without compromising security.
- Define policy once, enforce everywhere — we introduced an ingress gateway function based on Envoy, the de facto standard proxy. This also allows policy enforcement at the edge of the mesh – critical to the modern data plane.
- Mesh configuration based on open standards — app teams can deploy traffic policies easily by writing marked-up OpenAPI (Swagger) service definitions.
The Brooklyn release makes scaling service mesh for enterprise-scale workloads, environments, and teams much more efficient along four dimensions:
- Accelerated mesh deployment across environments — simplifying upgrades by running multiple Istio versions while maintaining strict security segmentation via Istio isolation boundaries
- Automated security policy enforcement — guaranteeing zero-trust security standards with customized hierarchical policies and security domains
- Automated cluster, region, and cloud high-availability — one-step cross-region failover configuration with HA workspaces
- Streamlined collaborative troubleshooting — providing role-based observability that enables platform teams to offer self-service metrics, events, logs, and traces for app owners
Tetrate Service Bridge is not the only place we are innovating. For organizations who want to start by experimenting with open-source projects, we’ve made significant contributions and enhancements across the open-source landscape:
For the service mesh control plane:
- Tetrate Istio Distribution (TID) achieved FIPS certification this year and is the only such offering on the market. This is a huge boon for regulated and government entities, generating lots of interest
- TID added support for ARM Neoverse processors, the emerging value champion of cloud computing
For the service mesh data plane:
- Envoy Gateway (EG) launched, with its 0.2.0 release landing in November. Envoy Gateway is a new reference Ingress Controller, based on the de facto standard Envoy proxy. We led development, in collaboration with our friends at Ambassador Labs, Fidelity Investments, VMware, and others. Learn more from this fireside chat with Istio, Envoy, and Kubernetes co-founders.
- EG implements the new Kubernetes Gateway API. We’re co-developing this with the community, and looking forward to the exciting directions it’s taking toward being a full API Gateway specification.
Paving the road for quickly extending the service mesh:
- Wazero saw its first releases. Wazero is a runtime for embedding WASM programmes in Go. Developed by the WASM experts at Tetrate, Wazero has zero dependencies and doesn’t rely on CGO, making it trivial to add WASM-based extensibility to any Go software
Tetrate’s products and open-source contributions
People
Everything we’ve talked about is made possible by all the amazing people at Tetrate. From our co-founders, Varun – who co-created Istio and gRPC at Google – and JJ – who revolutionized the cloud platform at Twitter – to every Tetrand in 14 time zones around the world, we’re grateful to them all.
2022 has seen several industry heavyweights join us on our journey.
- Paul Machle joins us as CFO, having previously held the position at GitLab. Paul joined GitLab as employee #8 and saw it through its IPO. He's hungry for another startup success, and we’re proud he’s chosen to be part of ours.
- Sanjay Poonen was the COO of our competitor, and has now chosen to invest in, and advise, Tetrate.
- Brian Dussault led the engineering of Spring Boot, which is used by 74% of Java microservices. Spring Boot and similar fat libraries are the predecessors to Mesh, so Brian knows this space inside-out. Considering that Tetrate is building proper technical solutions to real, challenging enterprise problems, Brian has joined us to push the space further.
- David Wang is another veteran of the application modernization industry, having headed up marketing at MuleSoft, one of the pioneers in the SOA and microservices space.
- Erik Frieberg ran a very successful marketing operation at another competitor. He knows how to bring massive attention to a company’s offerings, so we’re looking forward to him increasing awareness of the real innovation happening at Tetrate.
Partnerships
Our partnerships with like-minded, innovative companies have let us solve more problems for more customers. TSB runs on AWS’s EKS Anywhere, bringing the power of Tetrate’s management solution to the simplicity of managed Kubernetes, wherever you need them to run. If you don’t need the full TSB suite yet, our FIPS-certified TID distribution is a one-click EKS add-on, the only official Istio plugin for EKS. With our partners, we’ve also brought you TID on Azure, OpenShift, and Rafay.
Bringing it Together – Zero Trust with the FFIEC
What does all of this innovation get us? A zero-trust architecture (ZTA) is vital for enterprises to achieve the security posture they need, at the scale and velocity at which they operate. Zero trust has been a big focus this year, and will only become more critical in 2023. One of the key drivers behind these moves is that regulators require ZTA. The FFIEC, the US financial services regulator, oversees many of the world’s largest financial institutions. In addition, a White House Executive Order now requires US federal agencies to meet specific cyber security standards, including a zero-trust architecture, by 2024.
When the FFIEC wanted to prescribe what enterprise-grade ZTA looks like, they adopted NIST’s SP 800-204 series of standards – co-authored by Tetrate. TSB is the only offering on the market proven to comply with these standards, and Tetrate has published a guide to their successful implementation.
Where others are slowly implementing parts of these standards, Tetrate has been defining them, through our deep partnership with the US Department of Defense. We’ve been fascinated to be involved in this collaboration – did you know Istio runs on F-16 jets? Projects like this are just plane fun (sorry! ✈️).
An Exciting 2023
We’re leaving 2022 in a great place. Tetrate Service Bridge is helping enterprises get unparalleled control and visibility of their service traffic and route it seamlessly between their traditional on-prem infrastructure and their cutting-edge cloud-native estates. TSB has been battle-tested by leading Fortune 100 companies, in one case processing $400bn of transactions each day. As you can imagine, these environments are complex and the stakes high, but the traffic is entrusted to Istio meshes configured and managed by TSB. This real production use is a key criterion even to be considered for Gartner’s Cool Vendor in Cloud Computing award, and we won!
Most of all, these organizations love (and require) the security-first approach of all our products. From the sophisticated service-to-service traffic policy they enforce to the hard multi-tenancy guarantees of the UI, and of course, the unique FIPS certification, enterprises worldwide trust Tetrate to help them manage their critical production systems.
So, all in all, a stellar 2022! It’s so exciting to define a market and provide the leading solutions that enable many customer success stories. We’re very proud to have our success recognized in the form of many great folks choosing to join us, many great companies choosing to partner and work with us, and winning a few awards along the way too. A couple we’re particularly proud of are being named as a Top 10 Hottest Cloud Computing Startup and as one of Forbes’ Best American Start-Up Employers. Thanks to all the dedicated Tetrands, customers, partners, and investors who made this happen.
We’ve got so much exciting stuff in the pipeline for 2023, and we can’t wait to share it with you – something we resolve to do more in 2023. Happy New Year!