CNCF’s flagship conference, KubeCon + CloudNativeCon EU 2020, ran virtually this year (Aug. 17-20), bringing 4,100 attendees from 109 countries to its digital lobby and expo hall. 

Tweet on the digital lobby

Co-located events were devoted to cloud native security, serverless, and service mesh.

The CNCF announced 17 new members and the acceptance of Thanos, an open source metrics project, to incubation level; major industry announcements included GA releases and products from AWS, Redhat, and Snyk, among others.

This blog describes high-level takeaways from the keynote and service mesh-related sessions. Disclosure: the author writes for the enterprise service mesh company, Tetrate.

General takeaways

Our takeaways from the keynote sessions:

1. “Our lives have gone remote, our challenges have gone global.” — Priyanka Sharma, CNCF general manager

Open source, cloud native technologies are helping organizations to pivot and adapt to the Covid-era, and the pandemic has driven an increase in cloud adoption. Open source projects are especially suited to keep organizations nimble as they modernize and adapt to today’s challenges.

Priyanka Sharma


2. Our infrastructure decisions impact climate change

Deployments are happening at the cluster level, and inefficiencies are not only costly but have a potent impact on climate. Our charge is to build innovations that maximize, automate, and facilitate efficiency, elasticity and utilization in our infrastructure. 

Emily Cummins, "How to use Kubernetes and Not Wreck the Planet"

3. End users are partners in cloud native innovation

CNCF Ecosystem Director Cheryl Hung highlighted the point in her keynote, “Why End Users are More than Passive Consumers,” and end users demonstrated its truth in case study sessions and a CNCF end-user panel

Service mesh takeaways

Sessions run by experts and leaders from open source and cloud-native communities– available on demand to registrants through November– covered wide and deep the perennial issues of cloud native infrastructure: networking, security, and observability.

Dozens of talks centered around service mesh. For newcomers, a service mesh is an approach that decouples operations from development by addressing networking, security, and observability issues across applications with an independent networking layer, or a “mesh” that controls communications between services. 

1. The service mesh approach to architecture continues to be on the rise

Service mesh survey shows 1/5 of companies using service mesh, and almost half are evaluating. Istio and Linkerd are the top projects under consideration.

The latest CNCF survey found that about 1 in 5 organizations surveyed were using a service mesh project, but that almost half were evaluating the use of a service mesh. For those evaluating, Istio (69%) and Linkerd (64%) were the top two tools in consideration.

CNCF project updates this year feature integration and support for Envoy (SPIFFE/SPIRE, Contour) and Istio service mesh (Argo) as well as support for federation (SPIRE).

2. In the Envoy community, the coming year will be all about extensibility

Tetrate’s Cynthia Coan and Rei Shimizu gave a talk on API gateways, noting that the ability to dynamically extend Envoy at runtime via WebAssembly (Wasm) opens the door to many new capabilities– including moving API gateway functionality into the mesh layer.


Yaroslav Skopets, also from Tetrate, gave a lightning talk on “Making Envoy Contributions Feasible for Everyone.” Look for coming updates from Tetrate and GetEnvoy that will make it easier for developers and extension end users to create and test Envoy extensions.


3. Service mesh is not only for containers

Service mesh solves problems that arise with containerization, so organizations often evaluate a service mesh because of pain points that are felt after moving to microservices. But the benefits of service mesh can apply equally to traditional and modern applications. Increasingly they will be used to bridge hybrid workloads, ease migration from brownfield to greenfield, and to improve resiliency in any environment.

One KubeCon use case session described how, the largest online retailer in the Netherlands, adopted Envoy and mesh to get resilient and uniform connectivity across clusters and data centers, running services on Kubernetes in cloud and on-prem. In another case, Lyft developed an Envoy control plane to bridge multiple Kube clusters and legacy infrastructure. Tetrate’s contributions to Istio in 2020 focused heavily on creating a smooth bridge between VMs and modern services.

4. Simplifying mesh operations

Nobody’s claimed service meshes are simple. But service mesh projects are continually improving and adapting to real-world needs and challenges. A case in point: Istio this spring introduced a monolithic “Istiod” control plane binary to simplify installation and ease its operation. The move reduces “cognitive load” on the individual or small team that typically runs Istio in an organization, Louis Ryan explained in his ServiceMeshCon talk, “Istio Simplified.” Tetrate’s Lizan Zhou and Google’s Jianfei Hu presented tips for mTLS in the context of the gradual incorporation of services that’s typical to mesh rollouts in the real world.

Use "permissive" setting in Istio while integrating services to the mesh, then set to "strict" to accept mtls traffic only

The community

Our final takeaway– as always, the open source community never disappoints. 

Congratulations to the organizers, speakers and participants for their contributions as well as the creativity, inclusivity, and nimbleness that was showcased at this event.

Kubecon tweet on CNCF milestones

Cheryl hung kicks off Kubecon with a cold brew

What were your takeaways? We’d love to hear them, along with any questions about service mesh. Post to @tetrateio and #kubecon.

Tevah Platt - Marketing & CommunicationsTevah Platt is a content writer for Tetrate, which offers service mesh solutions for enterprise. Tetrate builds tools powered by Istio and Envoy, and is a top contributor to those open source projects.