Istio

☸️⛵ 𝗛𝘆𝗯𝗿𝗶𝗱 𝗠𝘂𝗹𝘁𝗶-𝗖𝗹𝘂𝘀𝘁𝗲𝗿 𝗘𝗻𝘁𝗲𝗿𝗽𝗿𝗶𝘀𝗲 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 (𝗔𝘇𝘂𝗿𝗲 🔗 𝗔𝗪𝗦) 𝘄𝗶𝘁𝗵 𝗜𝘀𝘁𝗶𝗼 🛡️ In today’s enterprise landscape, 𝗺𝘂𝗹𝘁𝗶-𝗰𝗹𝗼𝘂𝗱 𝗮𝗻𝗱 𝗵𝘆𝗯𝗿𝗶𝗱 𝗱𝗲𝗽𝗹𝗼𝘆𝗺𝗲𝗻𝘁𝘀 are no longer optional—they are essential for scalability, resiliency, and regulatory compliance. I recently worked on designing a 𝗛𝘆𝗯𝗿𝗶𝗱 𝗠𝘂𝗹𝘁𝗶-𝗖𝗹𝘂𝘀𝘁𝗲𝗿 𝗘𝗻𝘁𝗲𝗿𝗽𝗿𝗶𝘀𝗲 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 that connects workloads across 𝗔𝘇𝘂𝗿𝗲 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 (𝗔𝗞𝗦) and 𝗔𝗺𝗮𝘇𝗼𝗻 𝗘𝗞𝗦, powered by Istio 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗠𝗲𝘀𝗵 and Cloud Native Computing Foundation (CNCF)𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀 𝗚𝗮𝘁𝗲𝘄𝗮𝘆 𝗔𝗣𝗜. 🔎 𝗞𝗲𝘆 𝗛𝗶𝗴𝗵𝗹𝗶𝗴𝗵𝘁𝘀 𝗼𝗳 𝘁𝗵𝗲 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 (𝗜𝗺𝗮𝗴𝗲 𝗔𝘁𝘁𝗮𝗰𝗵𝗲𝗱): 1️⃣ 𝗖𝗹𝗶𝗲𝗻𝘁 𝗥𝗲𝗾𝘂𝗲𝘀𝘁 𝗥𝗼𝘂𝘁𝗶𝗻𝗴 → Seamlessly received and processed across clusters. 2️⃣ 𝗖𝗿𝗼𝘀𝘀-𝗖𝗹𝘂𝘀𝘁𝗲𝗿 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗗𝗶𝘀𝗰𝗼𝘃𝗲𝗿𝘆 → Endpoints shared between Azure and AWS. 3️⃣ 𝗚𝗮𝘁𝗲𝘄𝗮𝘆 𝗔𝗣𝗜 + 𝗜𝘀𝘁𝗶𝗼 𝗜𝗻𝘁𝗲𝗴𝗿𝗮𝘁𝗶𝗼𝗻 → HTTPRoutes (e.g., /hello, /) securely route traffic across environments. 4️⃣ 𝗦𝗲𝗿𝘃𝗶𝗰𝗲-𝘁𝗼-𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗖𝗼𝗺𝗺𝘂𝗻𝗶𝗰𝗮𝘁𝗶𝗼𝗻 → Services (A in Cluster 1, B + Echoserver in Cluster 2) interact transparently, as if they were in a single logical cluster. 5️⃣ 𝗠𝘂𝗹𝘁𝗶-𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗥𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝗰𝘆 → Network 1 (Azure) and Network 2 (AWS) interconnected with policy-driven configuration. ✨ 𝗪𝗵𝘆 𝗧𝗵𝗶𝘀 𝗠𝗮𝘁𝘁𝗲𝗿𝘀 𝗳𝗼𝗿 𝗘𝗻𝘁𝗲𝗿𝗽𝗿𝗶𝘀𝗲𝘀: ✅ 𝗥𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝗰𝗲: No single point of failure; workloads failover across clouds. ✅ 𝗦𝗰𝗮𝗹𝗮𝗯𝗶𝗹𝗶𝘁𝘆: Burst workloads into AWS or Azure dynamically. ✅ 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆: Mutual TLS (mTLS) across service mesh ensures end-to-end encryption. ✅ 𝗣𝗼𝗿𝘁𝗮𝗯𝗶𝗹𝗶𝘁𝘆: Decoupled application layer, allowing services to run on any cloud. ✅ 𝗙𝘂𝘁𝘂𝗿𝗲-𝗣𝗿𝗼𝗼𝗳𝗶𝗻𝗴: Gateway API adoption prepares organizations for the next-gen Kubernetes ingress/egress standard. 💡 This architecture enables enterprises to 𝗯𝘂𝗶𝗹𝗱 𝗰𝗹𝗼𝘂𝗱-𝗮𝗴𝗻𝗼𝘀𝘁𝗶𝗰, 𝗿𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝘁, 𝗮𝗻𝗱 𝗵𝗶𝗴𝗵𝗹𝘆 𝗮𝘃𝗮𝗶𝗹𝗮𝗯𝗹𝗲 𝘀𝗲𝗿𝘃𝗶𝗰𝗲𝘀, aligning with digital transformation goals and governance needs. 🌍 In an era where 𝗰𝗹𝗼𝘂𝗱 𝗹𝗼𝗰𝗸-𝗶𝗻 𝗶𝘀 𝗮 𝗿𝗶𝘀𝗸, hybrid multi-cluster designs like this empower organizations to 𝗼𝘄𝗻 𝘁𝗵𝗲𝗶𝗿 𝘀𝘁𝗿𝗮𝘁𝗲𝗴𝘆, 𝗻𝗼𝘁 𝗷𝘂𝘀𝘁 𝗿𝗲𝗻𝘁 𝗶𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲. 👉 I’d love to hear from other cloud and DevSecOps professionals: How are you solving 𝗺𝘂𝗹𝘁𝗶-𝗰𝗹𝗼𝘂𝗱 𝘁𝗿𝗮𝗳𝗳𝗶𝗰 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 in your organization? Have you adopted the 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀 𝗚𝗮𝘁𝗲𝘄𝗮𝘆 𝗔𝗣𝗜 yet, or still using Ingress? #Kubernetes #Istio #ServiceMesh #MultiCloud #AWS #Azure #DevOps #CloudArchitecture #HybridCloud

I haven’t posted much about Istio Ambient lately. Not because I stopped using it—quite the opposite. I’ve been running Ambient for all my AI agents, MCP servers, and apps, and I simply haven’t had to think about it. ✨ It just works. The mesh delivers its benefits effortlessly, no more 🐞 debugging. And that’s exactly the outcome we had in mind when we started Istio Ambient. 🚀

Excited to be speaking at Istio Day during Kubecon NA this fall with Michael Bolot about the work we've been doing to build a service mesh atop Istio for databases! Istio doesn't just stop at microservices, and while it’s not easy, we've found there are a lot of benefits to running a Service Mesh across the stack. I look forward to sharing some of our design decisions and some of the hiccups we’ve hit along the way. https://lnkd.in/ezxitrfm

Exploring kagent with Istio ambient mesh — Visualizing Traffic in Kiali. Ready to integrate your AI agents and MCP servers into Kubernetes and Istio ambient mesh? 🤔

Beyond excited 🎉 to be doing a live demo during the opening keynote of AI_dev with Mark Collier and Ricardo Rocha in beautiful Amsterdam 🇳🇱! Even more fun — I’ll be competing ⚡with my fellow Cloud Native Computing Foundation (CNCF) TOC member, Ricardo Rocha, who’s always 🔥 at delivering live demos! I’ll be showcasing agentgateway with LLMs, AI agents, MCP servers, Argo Project, Jaeger, Istio, and maybe a few other surprises! ✨ Check out the AI_dev schedule: https://lnkd.in/eqx5QCXR

Istio 1.27 is out! This release adds Gateway API Inference Extension support to help run AI workloads on Kubernetes. Ambient mode now supports multi-cluster deployments in alpha. Learn about these and many more features and bug fixes: https://lnkd.in/gRx5dEtb

Na última segunda-feira (23/06), participei de mais um meetup da Cloud Native São Paulo 🇧🇷, desta vez sediado no C6 Bank. O tema em pauta foi Istio, sua versatilidade e suas inúmeras funcionalidades, apresentadas de forma brilhante pela solo.io. Caiuã Iorio Costa Luana S. #Istio #ServiceMesh #Kubernetes #CloudNative

🚦 Traffic Management with Istio | Part 4: Zero-Touch Canary Deployments 🎬✨ I'm thrilled to wrap up the Traffic Management with Istio series with this final part! 🎉 In this article, I walk you through automating canary releases using Istio 🔧 and Flagger 🤖 for zero-touch deployments. 🌟 Here’s what we cover in this part: 🌍 How Flagger automates your canary release process from start to finish 🚀 Full traffic shifting without manual intervention – it’s all automated! 📊 Monitoring canary performance using Prometheus & Grafana 🖥️ 🧪 Pre-rollout checks & synthetic traffic load testing for safer rollouts 🔄 How GitOps can trigger your canary releases for fully automated continuous delivery 🌱 Want to learn how to make your production rollouts flawless with zero downtime? 🕒 👉 Read the full story on Medium! https://lnkd.in/gGt3Wvn9 💬 Drop your feedback, thoughts, or any questions you have in the comments! I'd love to discuss progressive delivery, Istio, Flagger, and how they can transform your CI/CD workflows. 🔥 #Istio #Flagger #Kubernetes #DevOps #CloudNative #TrafficShifting #SRE #CanaryRelease #Automation #GitOps #ProgressiveDelivery #Tech #Medium

🎉 We're thrilled to announce the 1.0 release of the Signadot Kubernetes Operator and CLI! This major milestone introduces powerful new features to supercharge your Kubernetes development workflows. 1) Istio Ambient Mesh Support With our 1.0 release, we're introducing experimental support for Istio's ambient mesh. This is a game-changer for developers who want to leverage the benefits of service mesh without the complexity and resource overhead of sidecars. Now you can get request-level isolation for your ephemeral environments in ambient mode, making it easier than ever to test your microservices in a realistic environment. A big shout-out to the team at Istio for their work on ambient mesh, we're excited to be a part of this ecosystem! 2) Enhanced Local Development We've also made significant improvements to our local development experience. The Signadot CLI now allows you to fetch secrets and configmaps from your Kubernetes cluster and inject them directly into your local development environment. This ensures that your local setup perfectly mirrors your cluster configuration, helping you to catch issues earlier and iterate faster. 3) Open-Sourced Browser Extension Finally, we're excited to announce that we've open-sourced our browser extension! The extension makes it easy to route traffic to your sandboxes, and now you can see exactly how it works, contribute your own improvements, and be a part of its future development. Read more about all of these features in Anirudh Ramanathan's blog post: https://lnkd.in/grnYqXbk #kubernetes #microservices #istio #servicemesh #development #opensource #devops #platformengineering #developerexperience

Istio Day is once again coming to #KubeCon — this time in Atlanta, GA in November. Want to present — new features, case studies, a lightning talk? Our Call for Proposals is open, closing June 30! https://lnkd.in/ejC_BSU8