Tetrate’s partnership with AWS, with today’s announcement of Amazon EKS Distro (EKS-D), provides their joint customers with unified application connectivity and security across workloads, on-premises and on AWS cloud. EKS-D was unveiled at re:Invent 2020 as a Kubernetes offering that can run on-premises, in data centers owned or operated by customers. There are several benefits to EKS-D that we believe will be useful for customers in accelerating, streamlining, and unifying the efforts needed to modernize their applications and cloud migration.
Since on-premises EKS-D and EKS on the cloud have the same kernel of a runtime for the compute environment, customers can choose—based on business drivers—the right time to move their containerized workloads between on-premises and AWS cloud.
Application connectivity and seamless portability require an application-aware, cloud-native networking layer. It’s a fundamental need, but not easy to achieve. Tetrate Service Bridge (TSB) is uniquely positioned and purpose-built to be the cloud-native continuum. With TSB, you can run the same secured, validated, and tested Istio service mesh for a multi-tenant and multi-cluster environment anywhere you want.
What is Tetrate Service Bridge?
Built atop Istio, TSB is Tetrate’s flagship product that serves as a management plane to multiple Istio control planes across Kubernetes clusters or VMs, on-premises or in any cloud. TSB enables easier operability and access to enterprise-grade (upstream or FIPS-compliant) Istio.
Multi-tenancy, traffic management, mesh, and application-level observability, end-to-end mTLS (mutual Transport Layer Security), fine-grained authorization, and application security are key elements of the product. TSB ensures that end-user SLAs are met and that businesses keep their promises in either scenario — whether enterprises migrate to the cloud incrementally or digitally transform by rearchitecting whole or parts of their applications for containerized platforms. To learn more about Tetrate Service Bridge, please visit the product page.
Frequently Asked Questions
What is a service mesh?
Service meshes provide policy-based, network services for network-connected workloads by enforcing the desired behavior of the network in the face of constantly changing conditions and topology. Service meshes are an addressable infrastructure layer that allows you to manage both modernizing existing monolithic (or other) workloads as well as wrangling the sprawl of microservices. [As mentioned in Istio Up & Running, co-authored by Zack Butcher @ Tetrate. Reach out to us if you want a discount code]
What is TSB’s value compared to Istio?
From first principles to the newest features, we have developed TSB to reduce complexity and increase the reliability that an enterprise needs. On top of the benefits provided by Istio, we add capabilities for multi-tenancy, multi-cluster mesh, traffic management, mesh and application-level observability, end-to-end mTLS (mutual Transport Layer Security), and fine-grained authorization. TSB is also made to work the way your teams do. It can adapt to the governance and workflows of your organization.
What versions of Istio does TSB provide and support?
1.7 and above
What versions of Kubernetes are supported?
1.16 and above
What about the support for Envoy Proxy (Data plane)?
Yes. A TSB subscription includes enterprise support for Envoy Proxy.
How do users get security patches and upgrades for Envoy and Istio?
TSB customers get zero-day vulnerabilities, security patches, and seamless upgrades to Envoy and Istio, including backporting security fixes to older versions of Envoy.
How do I get commercial support?
Tetrate offers annual subscription-based commercial licenses to Tetrate Service Bridge that in turn come with support. Please contact us for more information.
###
If you’re new to service mesh, Tetrate has a bunch of free online courses available at Tetrate Academy that will quickly get you up to speed with Istio and Envoy.
Are you using Kubernetes? Tetrate Enterprise Gateway for Envoy (TEG) is the easiest way to get started with Envoy Gateway for production use cases. Get the power of Envoy Proxy in an easy-to-consume package managed by the Kubernetes Gateway API. Learn more ›
Getting started with Istio? If you’re looking for the surest way to get to production with Istio, check out Tetrate Istio Subscription. Tetrate Istio Subscription has everything you need to run Istio and Envoy in highly regulated and mission-critical production environments. It includes Tetrate Istio Distro, a 100% upstream distribution of Istio and Envoy that is FIPS-verified and FedRAMP ready. For teams requiring open source Istio and Envoy without proprietary vendor dependencies, Tetrate offers the ONLY 100% upstream Istio enterprise support offering.
Need global visibility for Istio? TIS+ is a hosted Day 2 operations solution for Istio designed to simplify and enhance the workflows of platform and support teams. Key features include: a global service dashboard, multi-cluster visibility, service topology visualization, and workspace-based access control.
Get a Demo