istio

Is there a distributed multi-cloud service mesh solution that's available? Something that cuts across GCP, AWS, Azure and even on-premise setup?


Is there a distributed multi-cloud service mesh solution that is available? A distributed service mesh that cuts across GCP, AWS, Azure and even on-premise setup?

Nathan Aw (Singapore)


Solution

  • Yes, it is possible with the Istio multi-cluster, single-mesh model.

    According to the Istio documentation:

    Multiple clusters

    You can configure a single mesh to include multiple clusters. Using a multicluster deployment within a single mesh affords the following capabilities beyond that of a single cluster deployment:

    • Fault isolation and fail over: cluster-1 goes down, fail over to cluster-2.
    • Location-aware routing and fail over: Send requests to the nearest service.
    • Various control plane models: Support different levels of availability.
    • Team or project isolation: Each team runs its own set of clusters.

    A service mesh with multiple clusters


    Multicluster deployments give you a greater degree of isolation and availability but increase complexity. If your systems have high availability requirements, you likely need clusters across multiple zones and regions. You can canary configuration changes or new binary releases in a single cluster, where the configuration changes only affect a small amount of user traffic. Additionally, if a cluster has a problem, you can temporarily route traffic to nearby clusters until you address the issue.

    You can configure inter-cluster communication based on the network and the options supported by your cloud provider. For example, if two clusters reside on the same underlying network, you can enable cross-cluster communication by simply configuring firewall rules.


    Single mesh

    The simplest Istio deployment is a single mesh. Within a mesh, service names are unique. For example, only one service can have the name mysvc in the foo namespace. Additionally, workload instances share a common identity since service account names are unique within a namespace, just like service names.

    A single mesh can span one or more clusters and one or more networks. Within a mesh, namespaces are used for tenancy.

    Hope it helps.
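
As an added illustration (not part of the answer above or of the quoted documentation), this is what the single-mesh, multi-cluster model looks like as Istio install configuration for two clusters on different networks, for example one in GCP and one in AWS. The mesh, cluster and network names are placeholders; the fields are those of the `IstioOperator` install API.

```yaml
# cluster1.yaml: applied to the first cluster (placeholder: a cluster in GCP).
# mesh1, cluster1 and network1 are assumed names, not values from the page.
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
  values:
    global:
      meshID: mesh1             # identical on every cluster: this makes it ONE mesh
      multiCluster:
        clusterName: cluster1   # unique per cluster
      network: network1         # clusters that can reach each other's pods directly
                                # share a network name; otherwise use distinct names
---
# cluster2.yaml: applied to the second cluster (placeholder: a cluster in AWS).
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
  values:
    global:
      meshID: mesh1             # same mesh as cluster1
      multiCluster:
        clusterName: cluster2
      network: network2         # different network: cross-cluster traffic goes
                                # through an east-west gateway, not pod to pod
# Security notes for a mesh that spans clouds:
# - Both control planes must issue workload certificates that chain to a common
#   root CA (supplied as the `cacerts` secret in `istio-system`), otherwise
#   mutual TLS between the clusters fails.
# - Because identity is namespace + service account, a workload running as
#   service account `sa` in namespace `foo` has the same identity in either
#   cluster. Authorization policies cannot tell them apart, so control over
#   who can create namespaces and service accounts must be equivalent in
#   every cluster that joins the mesh.
```

Each document is applied to its own cluster, not both to one cluster. If the clusters should not share identities this way, the quoted single-mesh model is the wrong fit and separate meshes are the boundary to use.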