Announcing Tetrate Agent Operations Director for GenAI Runtime Visibility and Governance

Learn more
< Back

Multi-Cluster Istio: Tetrate Service Bridge Explained at Istio Day Panel

Istio Day 2023 – A Question of Multi-Cluster Support On November 6 of 2023 in Chicago, as part of KubeCon North America, Istio Day took place.

Eitan Suez
Multi-Cluster%20Istio%3A%20Tetrate%20Service%20Bridge%20Explained%20at%20Istio%20Day%20Panel

Istio Day 2023: A Question of Multi-Cluster Support

On November 6 of 2023 in Chicago, as part of KubeCon North America, Istio Day took place.

One of the sessions was an “Ask me anything” panel with Mitch Connors (Aviatrix), John Howard (Google), Lin Sun & Neeraj Poddar (Solo), and Eric Van Norman (IBM).  The schedule for the event can be viewed here ›

I wasn’t there myself but given my interest in Service Mesh, I watched a recording of that panel discussion, and of other sessions besides.

I have always loved these types of panels, perhaps because they are not scripted; any attendee is free to raise a question or point of discussion, and the panel opines.

The focus of the panel was on Ambient mesh, a new sidecar-less design for Service Mesh that is being added to Istio.

Around the nine-minute mark (see below), a question was raised regarding multi-cluster support. After Lin Sun’s clear and to-the-point reply, Mitch Connors took the opportunity to explain the broader issue, and I’m glad he did, because I think that it’s a crucial issue for enterprises to understand as they consider adopting service mesh:

Mitch Connors replied:

Maybe the questions you’re asking need a solution outside the Istio project.

It’s important for a project like Istio, as it grows, to know what it is and what it isn’t. Looking back on our history, we came out as a way to manage multiple Envoy proxies.

Because Envoy was amazing, but no one in the world needs one. Everyone needs a fleet of Envoy proxies to really achieve most of the benefits they want to get from that technology.

And that’s what Istio does:  it manages a fleet of Envoy proxies.

In multi-cluster, what you’re beginning to need is something to operate a fleet of Istio’s: a fleet of Istio control planes across tens, or dozens, or hundreds of clusters. There are projects out there that are starting to try to do that for you… but I wouldn’t expect to see a solution to that problem from within the Istio project.

We’re not experts on it.  And you should find someone who is, to help you solve it.

—Mitch Connors

I couldn’t agree more:

  • Istio is a solution for managing a fleet of Envoys.
  • Enterprises are realizing they need something to operate a fleet of Istios.
  • That problem requires a solution outside the Istio project.

Tetrate Service Bridge: a Solution for Managing a Fleet of Istios

What Mitch describes here bears a striking resemblance to Tetrate Service Bridge (TSB), Tetrate’s enterprise service mesh designed to manage a fleet of Istio control planes.

After Mitch’s reply, Neeraj Podar added:

Once you have a multi-cluster environment, there’s a lot more to it. You need:

  • A single pane of glass for visibility. [check]
  • A right conduit for telemetry. [check]
  • A management solution, so [that] at scale, if you have hundreds of clusters, you can install and upgrade Istio uniformly. [check]

—Neeraj Podar

Tetrate foresaw this need and built TSB some years ago (version 1.0 was released in the Spring of 2021).

A Succinct Explanation

At Tetrate, as part of my role in training and education, I train our clients on TSB, and I couldn’t have explained TSB as simply and succinctly as both Mitch and Neeraj did in that panel: TSB is an enterprise service mesh, designed to manage a fleet of Istio control planes across dozens, or even hundreds of clusters.  It provides a single pane of glass for visibility, conduits for telemetry, a management solution that can, at scale, allow you to install and upgrade Istio uniformly.

TSB has many more features besides, including built-in support for multi-tenancy, “edge” and “east-west” gateways to manage multi-cluster traffic, a game changer in terms of supporting high availability. Tetrate continues to refine TSB with each new release. Our latest release is version 1.8, and I invite you to take a look at it here.

We have a host of existing, large enterprise clients wielding multi-cluster, multi-tenant Istio-based service mesh with TSB.

In the coming weeks, look for a follow-on article, where I take a stab at explaining TSB myself, perhaps titled “Understanding Tetrate Service Bridge”, or maybe “The need for an enterprise service mesh.”

Eitan Suez
Product background Product background for tablets
New to service mesh?

Get up to speed with free online courses at Tetrate Academy and quickly learn Istio and Envoy.

Learn more
Using Kubernetes?

Tetrate Enterprise Gateway for Envoy (TEG) is the easiest way to get started with Envoy Gateway for production use cases. Get the power of Envoy Proxy in an easy-to-consume package managed via the Kubernetes Gateway API.

Learn more
Getting started with Istio?

Tetrate Istio Subscription (TIS) is the most reliable path to production, providing a complete solution for running Istio and Envoy securely in mission-critical environments. It includes:

  • Tetrate Istio Distro – A 100% upstream distribution of Istio and Envoy.
  • Compliance-ready – FIPS-verified and FedRAMP-ready for high-security needs.
  • Enterprise-grade support – The ONLY enterprise support for 100% upstream Istio, ensuring no vendor lock-in.
    • Learn more
    Need global visibility for Istio?

    TIS+ is a hosted Day 2 operations solution for Istio designed to streamline workflows for platform and support teams. It offers:

  • A global service dashboard
  • Multi-cluster visibility
  • Service topology visualization
  • Workspace-based access control
    • Learn more
    Decorative CTA background pattern background background
    Tetrate logo in the CTA section Tetrate logo in the CTA section for mobile

    Ready to enhance your
    network
    with more
    intelligence?