Virtualization Technology News and Information
Avi Networks Takes Service Mesh Beyond Containers with Integrated Istio

Service mesh is more than just a technology for microservices and containers. Avi Networks sees it as the future of application delivery, security, and visibility, with the potential to reshape the nearly $12B market for application services (load balancing, security, and monitoring). Avi Networks today announced Universal Service Mesh, adding two major enhancements to the Avi Vantage Platform.

First, Avi is delivering enhanced, full-featured, ingress and gateway services to Istio to facilitate secure connectivity for Kubernetes applications across multiple clusters, regions, or clouds. These include L4-L7 traffic management, security including WAF, and observability.

Second, Avi Networks is integrating Istio within its Avi Controller and extending service mesh features to applications running on bare metal servers or virtual machines. This enables customers to deploy a single service mesh across all of their applications, traditional and containerized, both on-prem and in public clouds.

"As IDC noted in a recent report, the Avi Vantage software-defined platform, with its decoupled control plane and proxy-based data plane, prefigured and anticipated the formal emergence of open-source service meshes such as Istio," said Brad Casemore, Research Vice President, Datacenter Networks at IDC. "In that respect, the integration of Avi's Universal Service Mesh with Istio is a logical progression."

Casemore added "What's more, Avi recognizes that enterprise customers will require service-mesh capabilities-for traffic management, security, and observability-not only within a Kubernetes cluster, but across multiple clusters, multiple clouds, multiple regions, and spanning applications running on a wide array of heterogeneous infrastructure (containers, virtual machines, bare metal)."

Avi's Universal Service Mesh builds on Avi Vantage's existing container services for Kubernetes and OpenShift, which include north-south (ingress) load balancing, global server load balancing (GSLB), web application firewall (WAF), and east-west traffic management across multi-cluster, multi-region, and multi-cloud environments. The integration of Istio enhances Avi's capabilities with identity-based security, real-time application monitoring, and enterprise-grade authentication and authorization.

Features of Avi's Universal Service Mesh include:

Universality Multi-Cloud: A single service mesh for clusters across on-premises data centers and public clouds Multi-Infrastructure: Extended for both traditional and cloud-native applications deployed in virtual machines and bare metal servers in addition to containers Multi-Cluster: Inter/intra-cluster traffic management and secure gateways Multi-Region: GSLB for multiple regions and geo-aware load balancing Traffic Routing Ingress gateway with integrated IPAM/DNS, blacklist/whitelist and rate limiting L4-7 load balancing with SSL/TLS offload Automated service discovery and application map Security Zero-trust security model and encryption Distributed WAF for application security and DDoS Single sign-on (SSO) integration Observability Real-time application performance monitoring and tracing Big-data-driven connection log analytics Machine-learning-based insights and app health analytics

"The Avi Universal Service Mesh exemplifies our original vision of enterprise-grade services for traditional and modern applications across multi-cloud environments," said Ranga Rajagopalan, CTO and co-founder at Avi Networks. "Integrating Avi's platform with Istio extends and enhances the security, observability, and traffic management features of the service mesh across clouds and application architectures beyond containers. Jointly, we will accelerate the adoption of modern application services in enterprises."

The Universal Service Mesh will be available in multiple phases starting Q1 2019, with phase one including Istio-integrated ingress and gateway services for Kubernetes. The Universal Service Mesh can be deployed as SaaS or customer managed.

Published Tuesday, December 04, 2018 8:37 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2018>