JAXenter: Thank you for taking the time to talk with us, Idit! First, could you tell us a little bit about Gloo Mesh, what it does, and how it works?
Idit Levine: Gloo Mesh is a Kubernetes-native service mesh management platform that enables federated configuration and operations of microservices connectivity, routing traffic across clusters, hybrid- and multi-cloud environments. Gloo Mesh is engineered with a focus on its utility as an operational management tool, providing both graphical and command line UIs, comprehensive security, observability features, and debugging tools.
Gloo Mesh Enterprise enhances open source Istio — the most popular service mesh — and provides a secure, reliable, and easy way to connect and monitor services.
JAXenter: What are some of its common use cases?
Idit Levine: Previously, enterprises were slowed by outdated software that was too centralized and not able to handle dynamic environments due to their rigid configurations and the need to restart to implement changes. Gloo Mesh Enterprise, building on Istio, offers a flexible, scalable, Kubernetes- and cloud-native approach to managing connectivity of microservices and distributed applications.
Gloo Mesh Enterprise includes long-term support for enterprise Istio, WebAssembly (Wasm) extensibility, developer tooling for GitOps and CI/CD, and provides multi-cluster and multi-mesh observability. It is used in a variety of ways including API gateway, multi-cluster, and multi-mesh service mesh management.
API gateway integration allows users to integrate traffic management into (north/south) and within (east/west) their cluster. Gloo Mesh is often used together with the Gloo Edge API Gateway for end-to-end security, encryption and traffic control of app traffic.
Multi-cluster management streamlines the management of service meshes across different clusters anywhere, and across the software delivery lifecycle. It also helps users avoid the issues stemming from potential misconfigurations and manages multiple clusters consistently with a unified dashboard.
Multi-mesh offers users the freedom to federate management of service meshes running on any infrastructure together from a unified dashboard. It also enables grouping of disparate meshes into a single flat network and operates them as a single logical mesh.
SEE ALSO: “Kubernetes infrastructure can get expensive quite quickly without accurately monitoring”
JAXenter: What additional features are added in Gloo Mesh Enterprise compared to the open source version?
Idit Levine: Solo enhances the security, reliability, and observability of open source Istio, and adds many capabilities that meet the requirements of production enterprise deployments.
Today we announced expanded capabilities for our Gloo Mesh platform, Gloo Mesh Enterprise. These capabilities deliver both service mesh management and a full-featured API gateway built on or for Istio environments — all customizable for any requirements. Gloo Mesh Enterprise now also includes Gloo Mesh Gateway, a full-featured, Istio-native API gateway along with multi-cluster aware Gloo Portal. The enhanced Gloo Mesh Enterprise unifies and simplifies the process of setting up and managing multi-cluster and multi-mesh service mesh environments, sparing companies the pain of building or operating multiple tools themselves.
Earlier this year Solo.io announced the GA of our API gateway based on Envoy Proxy, Gloo Edge 1.8, which is bundled with Gloo Portal 1.0, a full-featured developer portal for API management to catalog and share APIs. Gloo Mesh Enterprise encompasses key features of both Gloo Edge and Gloo Portal, with multiple versions available now on a single platform with unified SKUs and common management. Gloo Portal is now also fully integrated with Gloo Mesh Enterprise, offering the industry’s only multi-cluster, native developer portal for Istio.
JAXenter: How does Gloo Mesh Enterprise enforce security?
Idit Levine: We are introducing improved security certificate management, such as integration with external certificate providers like Vault, as well as automated control-plane certificate rotation with no downtime. This makes it easier for customers to integrate with their PKI infrastructure, and maintain the security of their signing certificates. This enables users to leverage what they already have in their broader environment.
In addition to the existing suite of east-west traffic management features, Gloo Mesh now discovers all available ingress gateways for each managed service mesh. Additionally, the VirtualMesh abstraction now allows users to select specific ingress gateways for handling their cross cluster east-west traffic, allowing users to segment their ingress gateways according to their use cases.
We are adding N-4 version support (current and the four previous versions) for Istio with rapid response on important bugs. For example on June 25, there was a Common Vulnerabilities and Exposures (CVE) fix delivered and backported on the same day the issue was registered.
JAXenter: What does the new Gloo Mesh Gateway add and how will users benefit?
Idit Levine: Gloo Mesh Gateway is a full-featured API gateway built on Istio (and Envoy Proxy) which offers all the capabilities of Gloo Edge such as DLP, north/south rate limiting, WebAssembly (Wasm), and SOAP/XSLT for Istio.
Gloo Mesh Gateway inherits and incorporates all the strengths of Gloo Edge, a feature-rich, Kubernetes-native ingress controller, and next-generation API gateway. Gloo Mesh Gateway is exceptional in its function-level routing; its support for legacy apps, microservices and serverless; its discovery capabilities; its numerous features; and its tight integration with leading open-source projects. It is uniquely designed to support hybrid applications, in which multiple technologies, architectures, protocols, and clouds can coexist.
SEE ALSO: Deploy a Cloud-native Java App on Kubernetes Using Spring and K8ssandra
JAXenter: How can interested developers help contribute to Gloo Mesh?
Idit Levine: There is a large and active community around Istio on Github, and of course new contributors are always welcome. We have has several Solo.io leaders also serve on the Istio Technical Oversight Committee (TOC), including Lin Sun and Christian Posta, and they can advocate for upstream development directions. Reach out to us on Slack, where we have a community of over 3,800 people, to learn more.
JAXenter: And finally, what’s on the roadmap for the future? What new features or improvements are planned?
Idit Levine: Solo.io will continue to develop based on our customers’ needs. Generally, we organize our roadmaps around improving the security, reliability, observability, and extensibility of Istio, and maturing it for enterprise requirements.
The post “Gloo Mesh Enterprise enhances open source Istio — the most popular service mesh” appeared first on JAXenter.
Source : JAXenter