
The Power of a Single API to Secure, Observe, and Control Traffic in All Directions

Learn how the Omni vision unifies traffic, security, and observability control across cloud-native systems with Gloo Mesh and Gloo Gateway.

The Problem

In part one of the video series What is Omni?, Louis Ryan, Chief Technology Officer at Solo.io, described the state of affairs at organizations, in terms of having control over their software systems: enterprises today have a litany of heterogeneous environments that they've built over the years that perhaps reflect the state of the art at different points in time.

This heterogeneity is a problem because whether the objective is controlling traffic flows, implementing security policies, or configuring observability, having hundreds of different ways to do this is not manageable. It gives organizations no other option than to operate by "ticket ops" - by submitting requests to the owners of different parts of the system to realize some kind of change to policies and configuration.

It takes away the ability to control systems effectively and to react in a timely fashion to resolve a problem, remedy an outage, or patch a vulnerability.

In the video, Louis provides typical example scenarios of systems provisioned in different environments using different tools, with the need to allow an application running in one cloud environment to connect to a service running on-prem, or vice versa. Tickets are opened, and ad hoc solutions are applied to allow a communication path. The result is a mess of rules and ad hoc policies that are very difficult to reason about, much less control.

What is Omni?

Louis goes on to explain how, at Solo.io, we have built a platform that leverages the same technology everywhere - at ingress, in the mesh, and at egress - to provide agility and control. Solo.io's Gloo Mesh and Gloo Gateway products provide centralized control over traffic, security, and observability. This allows us to introspect our system at different levels of granularity and to reason about its behavior. Platform operators can review and update policies that can propagate within seconds, effectively giving us control over security and routing behavior at ingress, egress, and in the mesh.

We call this capability "Omni" because this system provides control throughout, irrespective of the direction of flow of traffic (north-south or east-west).

The Journey to Omni

Let's look back at how we have arrived at Omni, after a long evolution of solutions to help organizations with some facet of the problem. As Kubernetes became a de facto platform for running workloads, the immediate issue was having a mechanism to control ingress traffic, to give users access to systems running on Kubernetes.

Many solutions for ingress, based on different gateway technologies, offered their own APIs to address ingress configuration. One reason was the incompleteness of the Kubernetes Ingress resource to address different types of scenarios that were not part of the specification.

Service meshes brought their own APIs for configuring mesh traffic. Istio's API provided a uniform way to control ingress and egress in addition to mesh traffic. But mesh solutions often lack some of the API gateway capabilities that organizations needed at ingress.

Not all organizations today run a service mesh, which means that they're to some extent "doing without" the controls that service meshes bring to bear on internal traffic. Organizations would be hard-pressed to implement a zero-trust architecture in their environment without the help of a service mesh. Not all organizations have complete control over egress traffic either - traffic leaving their network. This has important implications for both agility and security.

Today the cloud-native community finds itself in a much better place. We have recognized that a new effort was needed to standardize how to control traffic through the work of the Kubernetes Gateway API Special Interest Group (SIG).

That effort involved the collaboration of many players, and is seeing wide adoption from implementers, as attested by the list of implementations. After a period of development, the Kubernetes Gateway API is Generally Available (GA) and stable (currently at version 1.3.0).

The standard has seen strong interest from the service mesh community, to the point where an initiative, dubbed GAMMA, was created to ensure that the same API could be used or minimally extended to support mesh traffic, in addition to ingress scenarios.

Today Istio fully implements the Gateway API in addition to its original API. Istio's Ambient mesh relies on it (see John Howard's Gateway API bench on Gateway API conformance).

Realizing the Omni Vision

Solo's gateway and mesh products, Gloo Gateway and Gloo Mesh, both implement the Kubernetes Gateway API. The two products complement each other in such a way that they together represent a performant and robust enterprise platform that realizes Solo's "Omni" vision.

Gloo Mesh supports multi-cluster service meshes, as well as ambient mode, which represents a streamlined and resource-efficient evolution of the service mesh architecture. This translates directly into resource and cost savings, which are significant in enterprises with a large systems footprint.

As an open core company, Solo contributes heavily to open source. We invite you to check out our enterprise solutions and our open source projects, including Istio ambient mesh, today's leading open-source service mesh solution, and the kgateway project, the most mature and widely deployed Envoy-based gateway.

Our engineers' expertise saves our customers time and effort in implementing these technologies in their environments.

The Future with Omni

Solo continues to innovate by incorporating new usage patterns such as application integrations with large language models. We have added AI Gateway capabilities to both our open-source projects and Gloo Gateway, and we continue to innovate with open source projects such as kagent, whose aim is to bring agentic AI to the cloud native ecosystem, and agentgateway, a project designed to support and manage agent connectivity in modern AI-based environments. We'll continue to post as new resources, products, and open source projects become available.
