The expanding cloud-native ecosystem, an increase in open-source projects and the efforts of many companies to modernize their applications have fueled enterprise demand for service mesh. Service mesh is a programmable framework that allows an organization to secure, connect and monitor microservices.
Container-based microservices are loosely coupled components of an application that communicate with each other using well-defined application programming interfaces (APIs). However, microservices and several distributed, loosely-coupled components mean potential management and communication challenges. Service mesh is designed to make these issues airtight.
There are many open-source frameworks that help monitor this traffic between individual components but Istio is winning the race, in part due to its powerful symbiosis with Kubernetes. In fact, some industry observers have asserted that Istio is becoming the Kubernetes for service mesh; just as Kubernetes emerged as the container standard, Istio looks like it will serve as the same for service mesh.
Lin Sun, Director of Open Source at Solo.io, has worked on Istio service mesh since 2017 and serves on the Istio Technical Oversight Committee. In this eWEEK Data Points article, Sun examines why Istio is winning the service mesh battle so far here in 2021.
Data Point No. 1: Kubernetes alignment
Kubernetes, originally developed by Google, works with a range of container tools and runs containers in a cluster, often with images built using Docker. It has become the de facto container orchestration platform and the new application platform.
Istio provides its APIs as Kubernetes Custom Resource Definitions (CRDs), so that users can declare their intention as policies using these service-mesh custom resources. These user-provided resources instruct the service-mesh control plane to program the sidecar proxies to solve these inter-service communication challenges based on users’ intentions.
While many service-mesh projects support services running in Kubernetes, service mesh is not only designed for Kubernetes. Many users are still running their services on virtual machines or bare metal, and it will take time for them to transition many of these to run on containers. It is critical for service-mesh projects to provide a smooth experience to assist users in this transition, such as securely bootstrap the service identity running on VMs, observe and configure a unified service that partially runs VM and partially in K8s.
Data Point No. 2: Istio has powerful backers
Early OSS participants such IBM, Lyft and Google, are all very active. Google continues to be the most significant contributor to Istio, while IBM remains the second-largest contributor. Lyft is the second-largest contributor to Envoy proxy, the default proxy used in Istio. It is fascinating to see many other Istio contributing companies and individual contributors joining these cofounders.
Data Point No. 3: Service-mesh popularity has fueled open source project momentum
The service-mesh ecosystem is vibrant; there are many open-source projects and vendor-specific projects that provide an implementation of a service mesh. The fact that there are many service-mesh options validates strong interest in service mesh. Many projects are listed at CNCF Service Mesh landscape, including but not limited to Istio, Linkerd, Consul Connect, AWS App Mesh, Gloo Mesh, Kuma, Open Service Mesh, etc. While the industry has not finalized which service-mesh project is the de facto standard, Istio is the most popular service mesh from a recent survey by CNCF in late 2020.
Data Point No. 4: Istio differentiates through its unique functionality
There are many aspects that differentiate Istio from the other open-source options. Istio has 350+ contributing companies and 1900+ individual contributors for the past year and is the dominant service mesh in production today. Istio is stable for service owners to consume its core functions, and the project is committed to focusing on day 2 operations for Istio users.
The project also strives to provide a transparent experience for users to move their service to Istio with zero or minimal code change, including debugging tools (such as istioctl analyze) to help users quickly troubleshoot when things are wrong. It is the most feature-rich service mesh, enabling users to connect services across multi-clusters securely, quickly onboard services running on VMs, plugging external authorization systems and extending the Istio data plane using Envoy filter or WebAssembly (Wasm). It moves closer to Kubernetes by supporting the Kubernetes Gateway API and Multi-Cluster service API.
Data Point No. 5: WebAssembly extensibility a game-changer
I cannot overemphasize the importance of being able to tailor Istio to a customer’s specific needs. WebAssembly (Wasm) is a fast, efficient, portable binary instruction format that provides an embeddable and safe execution environment for platform extensions. With Wasm, users can write (in any language) modules that extend their service mesh proxy in a way that best fits their needs. Wasm may soon become the technology of choice for dynamically extending cloud-native applications— with Istio leading the way.
As we move through 2021 and enterprises continue down their digital transformation paths, more businesses will shift to microservices and a cloud-native architecture. An integral part of this modernization process involves technologies that connect, control and manage different components within this ecosystem.
Istio is emerging as the service mesh of choice to tackle these technology tasks and more, and you can expect contributor and implementation numbers to steadily increase. Watch this space.