VMware taps into Istio to manage Kubernetes clusters

web
VMware is adding blending in Istio to its NSX platform to better manage containers and microservices. (Pixabay)

VMware announced Monday that it has added open source Istio software to its NSX networking platform to better manage containers and microservices.

Istio, which allows users to connect, manage and secure microservices for both containerized and non-containerized workloads, was developed by IBM, Google and Red Hat before it was put into open source last year.

NSX Service Mesh extends the capabilities of Istio's service mesh technology to bring more visability, control and security at the application layer to microservices and the data those microservices access, according to a blog post today by Scott Goodman, product marketing manager for VMware.

FREE DAILY NEWSLETTER

Like this story? Subscribe to FierceTelecom!

The Telecom industry is an ever-changing world where big ideas come along daily. Our subscribers rely on FierceTelecom as their must-read source for the latest news, analysis and data on the intersection of telecom and media. Sign up today to get telecom news and updates delivered to your inbox and read on the go.

With the advent of cloud-native architectures that are built on distributed microservices, developers are facing challenges in regards to visibility, management and control of the new applications, Goodman said. The applications, which are developed on cloud-native platforms such as Kubernetes or Cloud Foundry, use different programming languages across multiple cloud environments.

RELATED: VMware unveils Kubernetes as a service offering for multicloud

These new applications have more endpoints to scale, secure, and monitor than in traditional ones, according to Goodman, all of which leads to siloed services. In order to solve some of these challenges, VMware came up with its NSX Service Mesh. 

A service mesh is a transparent and language-independent way to observe, automate, secure and control microservices, according to Goodman. Speaking at last week's ONF Connect Conference, Google Fellow Eric Brewer said that Google uses Istio and a service mesh to help it manage the tens of thousands of services it has running at the same time.

NSX Service Mesh simplifies the onboarding of Kubernetes clusters while also plugging into the broader NSX platform for a unified and intelligent set of policies, network services and visibility tools, according to Goodman.

"NSX Service Mesh will also extend the discovery of services—a capability found in other service meshes—to include the data that they access, as well as the users initiating the microservice transactions," he said. "It will enable service and API visibility and remediation to help ensure consistent application service level objective policies and support progressive rollouts."

"It will allow for management of authentication, authorization, and encryption of service communications, and will enable tracing, monitoring, and logging for visibility into the health and performance of services. Finally, it will expand visibility and security to the data accessed by microservices, and the users of the applications based on these services."

The net result is a service mesh that secures and provides visibility into the apps, data and users across cloud-native application platforms, Goodman said.

The NSX Service Mesh Beta will initially support Cloud PKS in early 2019, with support for PKS, creating a federated mesh and additional platforms in the near future.

Last month, Google announced it had added Istio access to its Kubernetes Engine (GKE) platform in order to enable a service mesh platform for containers that are running in GKE.

OPNFV and ONAP have also announced they are integrating Istio into their platforms to work with Kubernetes, containers and microservices. The Open Networking Foundation (ONF) has already integrated M-CORD with Istio and demonstrated it at Mobile World Congress Americas this past September.

Suggested Articles

White box vendors such as Lanner are increasingly important as network operators move from proprietary hardware to more generic hardware.

Attacks against data center and cloud services tripled between 2017 and 2018, but the good news is that the security ecosystem is responding.

When the digital twin is turned up, it invariably finds issues lurking just below the surface, such as misconfigured VLANs.