Tetrate is proud to be a launch partner supporting the launch of k0rdent, an open-source Distributed Container Management Environment (DCME) that provides a single control point for cloud-native applications across any infrastructure. This partnership between Mirantis and Tetrate aims to simplify the management of Kubernetes clusters and accelerate innovation for modern distributed workloads. k0rdent leverages Istio service mesh to enhance the security, observability, and traffic management of applications deployed on the platform.
About the Partnership
Tetrate and Mirantis are both leading providers of cloud-native solutions. Tetrate focuses on application networking and security, with expertise in Istio service mesh and Envoy application gateway and proxy. Mirantis specializes in Kubernetes management and provides a comprehensive platform for deploying and managing containerized applications. Tetrate provides a consistent way to connect and protect thousands of individual microservices and deliver Zero Trust security operations across any environment. Security operators can easily implement service-to-service security, including encryption, role-based access, and authentication across services.
This partnership brings together the strengths of both companies to deliver a powerful and comprehensive solution for managing cloud-native applications. By combining Mirantis’s expertise in Kubernetes with Tetrate’s Istio expertise, k0rdent offers a robust and secure platform for deploying and managing modern workloads.
The Launch of k0rdent
Mirantis launched k0rdent as the first open-source DCME to provide a single control point for cloud-native applications on any infrastructure. It simplifies the management of Kubernetes clusters across different environments, including on-premises, public clouds, and hybrid clouds. k0rdent simplifies maintenance across cloud service providers and on-premises infrastructure with declarative automation, centralized policy enforcement, and production-ready templates optimized for modern workloads.
k0rdent enables platform engineers to create customized Internal Developer Platforms (IDPs) by managing Kubernetes clusters on any infrastructure. Its composable architecture allows platform engineers to tailor it to their specific requirements, and standardized deployment templates are provided to accelerate implementations. This composable architecture empowers platform engineers to customize k0rdent and create tailored IDPs, leading to greater flexibility and control over their development environments.
k0rdent leverages the open-source Cluster API, enabling the creation of Kubernetes clusters and the deployment of existing clusters anywhere.
How k0rdent Supports Istio
k0rdent is designed to work seamlessly with Istio service mesh. While Kubernetes provides basic service discovery and load balancing, Istio extends these capabilities with more advanced traffic management, security, and observability features.
Istio’s data plane uses Envoy proxies deployed as sidecars to mediate and control all traffic that your mesh services send and receive. These proxies intercept network traffic, allowing Istio to manage it and enforce policies.
k0rdent leverages Istio to provide the following benefits:
- Traffic Management: Istio enables fine-grained control over traffic flow between microservices. This allows for advanced routing, traffic splitting, and fault injection, which can be used to improve application resilience and facilitate canary deployments. For example, Istio’s routing rules can direct traffic to different versions of a service based on specific criteria, enabling A/B testing or gradual rollouts of new features.
- Security: Istio provides robust security features, including mutual TLS authentication, authorization policies, and encryption. Mutual TLS authentication enhances security by providing strong identity verification and encryption for service-to-service communication within the mesh. This ensures that only authorized services can communicate with each other, protecting against unauthorized access and data breaches.
- Observability: Istio offers detailed telemetry data, including metrics, logs, and traces, which helps in monitoring and troubleshooting applications. This data provides valuable insights into application performance, enabling proactive monitoring, faster troubleshooting, and improved issue resolution.
Benefits of Using k0rdent with Istio
Combining k0rdent with Istio offers several benefits for organizations deploying cloud-native applications:
| Benefit | Description |
| Simplified Management | k0rdent provides a single control point for managing Kubernetes clusters and Istio service mesh, simplifying operations and reducing complexity. |
| Enhanced Security | Istio’s security features enhance the security of applications deployed on k0rdent, protecting against threats and ensuring compliance. |
| Improved Performance | Istio’s traffic management capabilities optimize application performance by routing traffic efficiently and handling failures gracefully. |
| Increased Agility | k0rdent and Istio enable faster deployments and easier rollouts of new features and updates. |
Future of the Partnership
Tetrate and Mirantis are committed to the continued development and enhancement of k0rdent and its integration with Istio. They plan to expand the platform’s capabilities and support for new technologies and use cases. Tetrate envisions a universal application connectivity platform powered by service mesh, which aligns with the partnership’s goals and provides context for the future direction of k0rdent and its integration with Istio.
Tetrate is actively involved in the development of Envoy AI Gateway, which aims to provide a standardized and scalable approach to AI service integration. This initiative could potentially be integrated with k0rdent in the future, enabling the deployment and management of AI workloads on the platform.
The future plans of this partnership will further contribute to the growth and development of the Istio ecosystem by expanding its capabilities and promoting wider adoption.
Impact on the Istio Ecosystem
The partnership between Tetrate and Mirantis and the launch of k0rdent have a positive impact on the Istio ecosystem:
- Increased Adoption: k0rdent makes it easier for organizations to adopt and use Istio, expanding the reach and adoption of the service mesh technology.
- Community Contributions: Both companies are active contributors to the Istio open-source project, driving innovation and contributing to the growth of the community. Tetrate is committed to open source and is a leading contributor to the Istio project, further reinforcing the partnership’s positive impact on the Istio ecosystem.
- Industry Standards: Tetrate’s collaboration with NIST on defining Zero Trust security standards benefits the Istio ecosystem by promoting best practices and security standards. This collaboration leverages NIST’s experience with cybersecurity and Tetrate’s expertise on secure service mesh to produce U.S. security standards for a distributed architecture.
Conclusion
The partnership between Tetrate and Mirantis for the launch of k0rdent represents a significant step forward in the cloud-native landscape. By combining Mirantis’s Kubernetes expertise with Tetrate’s Istio expertise, k0rdent offers a powerful and comprehensive platform for deploying and managing modern applications. The integration with Istio enhances the security, observability, and traffic management capabilities of the platform, making it an ideal choice for organizations looking to modernize their applications and embrace cloud-native technologies.
k0rdent’s composable architecture empowers platform engineers with the flexibility to customize the platform and create tailored IDPs, giving them greater control over their development environments. The platform also simplifies the management of Kubernetes clusters across diverse infrastructures, from on-premises to public and hybrid clouds.
Istio’s advanced traffic management capabilities, such as routing rules and traffic splitting, enable organizations to optimize application performance and resilience. Its robust security features, including mutual TLS authentication, ensure secure communication between services, while its detailed telemetry data provides valuable insights for monitoring and troubleshooting.
This partnership has a positive impact on the Istio ecosystem by increasing adoption, driving community contributions, and promoting industry standards for Zero Trust security. The collaboration between Tetrate and Mirantis is poised to drive further innovation in the cloud-native space, making k0rdent and Istio key technologies for organizations seeking to modernize their applications and infrastructure.
###
If you’re new to service mesh, Tetrate has a bunch of free online courses available at Tetrate Academy that will quickly get you up to speed with Istio and Envoy.
Are you using Kubernetes? Tetrate Enterprise Gateway for Envoy (TEG) is the easiest way to get started with Envoy Gateway for production use cases. Get the power of Envoy Proxy in an easy-to-consume package managed by the Kubernetes Gateway API. Learn more ›
Getting started with Istio? If you’re looking for the surest way to get to production with Istio, check out Tetrate Istio Subscription. Tetrate Istio Subscription has everything you need to run Istio and Envoy in highly regulated and mission-critical production environments. It includes Tetrate Istio Distro, a 100% upstream distribution of Istio and Envoy that is FIPS-verified and FedRAMP ready. For teams requiring open source Istio and Envoy without proprietary vendor dependencies, Tetrate offers the ONLY 100% upstream Istio enterprise support offering.
Need global visibility for Istio? TIS+ is a hosted Day 2 operations solution for Istio designed to simplify and enhance the workflows of platform and support teams. Key features include: a global service dashboard, multi-cluster visibility, service topology visualization, and workspace-based access control.
Get a Demo