It is a monumental day in the world of DevOps! Open source project Istio has graduated within the CNCF landscape.
Istio is an open source service mesh software built to solve the growing challenges of security and network in cloud-native applications. Istio empowers DevOps team and SREs to easily implement zero-trust security, network policies, load balancing, advanced traffic management, and enterprise-wide observability.
The open source project is contributed by over 1000+ companies, and nearly 80% of the contributions come from Google and IBM alone.
Graduation of any project is the highest level of maturity in the Cloud Native Computing Foundation’s (CNCF) landscape. Istio has achieved this through the incredible efforts of the open-source community, and customers who have adopted it.
We from IMESH Congratulate and thank everyone in the community who played a part in reaching this significant milestone.
Why is the Istio CNCF graduation important?
Every open source project that is registered into the CNCF landscape can be registered into 3 categories based on their maturity level.
Istio has been accepted into the incubating category in 2022. Within a year, the Istio project passed all the criteria to be graduated. Some important and difficult criteria that Istio qualified to be a CNCF graduate are:
- Completed an independent and third-party security audit. Check all the critical vulnerabilities of Envoy and Istio addressed.
- Standardized project governance and committee process
- Successful evidence of enterprises who have successfully implemented Istio and realized value out of it.
- Constant innovation with frequent contributions. Istio is the 3rd most active project in CNCF.
The CNCF graduation symbolizes two powerful elements of Istio:
- Faster innovation with frequent and faster contributions with proper governance.
- Secured and ready-to-use open source Istio with almost zero critical vulnerabilities.
Latest Istio innovations worth noting
In 2022-23, the Istio project has taken strides to improve its adoption furthermore. A few areas where Istio has brought innovations are worth noting.
Scalability and Performance with Ambient Mesh
Istio has been known for being resource-heavy because of sidecar implementation for mTLS. Medium enterprises, with limited cloud spending, wanted a solution for the scalability and performance issue in Istio. In September 2022, the community launched Ambient Mesh — a highly scalable and performance Istio. It is beta and expected to be production-ready by the end of 2023.
Better traffic management with Kubernetes Gateway API
Istio offers its own ingress controller called Istio ingress gateway, which can handle traffic at the edge. Istio ingress controller can be used as an API gateway too. But to support multiple implementations such as mTLS, routing, and supporting protocols was tricky using ingress gateway. Hence, the Istio committee decided to use Kubernetes Gateway API to overcome the limitation of compatibility and support all the use cases for handling traffic at the edge. This is also in beta and is expected to go live by the end of 2023.
Supporting Quote from IMESH on Istio graduation
“Application owners, architects, and DevOps users have been implementing Istio service mesh in droves. And there were shortcomings while using Istio service mesh for various use cases in enterprises. But with the pace at Istio project is evolving and innovating, I am sure it will be a one-stop-shop solution for security and network transformation projects,” said Ravi Verma, CTO of IMESH. “We at IMESH will contribute to making Istio ubiquitous for enterprises of all sizes and domains.”
IMESH: Enterprise Istio for Production
IMESH helps enterprises to simplify and secure their network of cloud-native applications using Istio service mesh. IMESH extends the capabilities of open-source Istio with add-on modules and services that help enterprises adopt Istio in production, including:
- Unified observability of all microservices
- Deep visibility into metrics, logs, and traces
- 40+ integrations with CI/CD tools
- Pre-defined templates for network policy implementation
- Free Istio training and consultation
- 24*7 Istio enterprise support for Istio implementation & maintenance
Quotes from Google and IBM
We encourage the leaders, maintainers, and overall community members in Istio for bringing immense value to solve security and network concerns in cloud-native applications. Quotes from Google, IBM, and Red Hat as per the CNCF Istio graduation press release.
“With the rise of microservices architectures as the de facto pattern for authoring modern applications, connecting, observing, and securing the complex landscape of containers and services has become a challenge for engineers. Google is proud of our role in the creation and development of Istio as a comprehensive solution to this hard problem. Istio’s graduation, as well as its leading position as the world’s most adopted service mesh technology, reinforces our belief that it should be easy for everyone to benefit from secure, robust service-based applications.” – Cameron Etezadi, Director of Engineering, Google Cloud
“After having helped to found the Istio project and contributing to it since its launch, IBM is proud to see the project graduate from CNCF and be recognized for its maturity as the leading cloud native service mesh. Istio shares IBM’s passion for enhancing interoperability, open collaboration, security, resiliency and performance across cloud native applications. Continued open source innovation is vital to IBM’s hybrid cloud strategy, and we applaud all the Istio contributors who worked hard to reach this point.” – Jason McGee, IBM Fellow, CTO and GM, IBM Cloud
“Red Hat joined the Istio community to help further application-driven networking. We have found this community to be passionate about security, observability, microservices, layer 7 networking, and API strategies and patterns – all components we derive great value from as building blocks in a modern application platform. Congratulations to all the Istio contributors for reaching this amazing milestone in CNCF.” – Mike Barrett, Vice President of Hybrid Platforms, Red Hat