An IstioCon Recap

What did y’all think of IstioCon? THAT WAS FUN 😎. 

This was the second annual IstioCon and there was a lot going on! There were plenty of great talks from community members, contributors and consumers alike– let’s recap!

Happy Birthday Istio! This May 2022 is the 5th Anniversary of the Istio Project! Istio 0.1 was released May 24th 2017, by Google, IBM, and Lyft and has accelerated in growth, community, and usage!

Istio to the CNCF and our customers are thrilled that Istio will now be part of the CNCF. Our Gloo Mesh customers already run some of the largest production service mesh environments, and they trust Istio for their business critical workloads. This announcement removes any concerns they have about the future of Istio. Istio has become the de facto service mesh standard in the same way Kubernetes became the standard for container orchestration.

What was up to during IstioCon?

WE HAD 13 SESSIONS!!!! 🙌🙌🙌

Many of our team members presented on a variety of topics and workshops and these same folks have been key in founding, growing, and maintaining Istio over the past five years! Let’s drop a special applause to these amazing Soloists 👏👏👏!

  • Adam Sayah
  • Alex Ly
  • Christian Posta (Founding community member, Istio Steering Committee, author Istio in Action)
  • Gregory Hanson (Founding Istio Maintainer, Product Security WG Lead, Istio Release Manager)
  • Idit Levine (Founding API gateway WG-Istio)
  • Yuval Kohavi (Renowned security researcher, Founding API Gateway WG-Istio, Contributor Envoy)
  • Lin Sun (Founding Istio project maintainer, Technical Oversight Committee (TOC), Steering Committee)
  • Neeraj Poddar (Istio Steering and TOC member. Co-founded Istio Product Security Working Group)
  • Nick Nellis (First to run Istio in production, current contributor and maintainer)
  • Nina Polshakova
  • Ram Vennam (Founding Istio Steering Committee member)
  • Will McKinley

So, what did we cover?

  1. Keynote: The Current State of Istio – Lin Sun, Mitch Connors – Lin and Mitch open IstioCon and share some amazing announcements!
  2. External CA integration with Istio explained – Lin Sun, Josh van Leeuwen – This talk focuses on a few approaches to running PKIs and the various challenges and considerations.
  3. Lessons Learned on Multi-tenancy Controls in Istio – Alex Ly, Will McKinley – This session is about the challenges of running a multi-cluster and multi-tenanted environments and how Service Mesh can alleviate these challenges.
  4. Lightning Talk: What to expect when you install multiple Istio revisions in different namespaces? – Neeraj PoddarNeeraj explores some of the hidden land mines that you might run into with this setup and how to best install and manage multiple Istio revisions safely in production.
  5. Session: Building simplified service mesh API for developers – Lin Sun, Ying ZhuThis session focuses on how the Service Mesh API provides operators and developers with the necessary capabilities to consume and create abstractions on top of Istio. 
  6. Keynote: Istio Today and Tomorrow – 5 Important Things – Get’s perspective on where Istio is today and where it is headed.
  7. Session: Understanding the new Istio Telemetry API – Neeraj Poddar, Douglas ReidWe have introduced the new Telemetry API in v1.11 which provides a flexible and uniform way for configuring how telemetry is generated in the mesh. 
  8. Session: Sidecarless with eBPF or sidecar with Envoy proxy? – Idit Levine, Yuval Kohavi In this talk, Idit and Yuval will dig into the role of eBPF for a service mesh data plane and what are some of the tradeoffs in terms of features, resource overhead, feature isolation, security granularity, and upgrade impact for various data-plane architectures: shared proxy vs. shared proxy per node vs. sidecar proxy vs. shared proxy per service account, etc.
  9. Lightning Talk: Testing Istio’s Virtual Machine integration locally with Calico – Nina Polshakova – Istio was originally built for microservices running in Kubernetes but the demand for VM-based workloads interacting with the mesh has increased substantially. Nina gives us the run down of how VMs connect with the Istio Service Mesh!
  10. Session: Virtualizing the Istio Sidecar- Christian PostaIn this session Christian discusses the work that’s going on to “virtualize” the Istio sidecar for our users by giving options for sidecar, service-account, shared-node, and even remote proxies and micro proxies.
  11. Session: A Field Guide for Safe Istio Upgrades – Ram VennamIn this session, Ram outlines the various upgrade strategies, their advantages and disadvantages, the gotchas that you need to watch out for, and most importantly – some best practices you can apply from day 1 to ensure successful upgrades in the future.
  12. Session: Join locally, learn globally – Nick Nellis – In this session, Nick explains how you can configure a local istio-proxy to connect securely to a cloud based service mesh all the while explaining concepts like PKI, mTLS, east/west routing, and request/response transformations.
  13. Workshop: Multi-tenant Istio Service Mesh with Gloo Mesh – Adam Sayah  Adam Sayah delivered an amazing workshop, which focused on multi-cluster topologies, identity federation, authZ and more! Our workshop quickly hit maximum capacity during the event, so if you missed it check out the schedule of upcoming workshops here: 

Community Thoughts

Check out Walter, another of our community members, sharing his thoughts on IstioCon

Job Opportunities:

IstioCon has a jobs section for a variety of opportunities from several companies supporting the Service Mesh space.

We are also hiring!!! Check out the various positions here!

Final Thoughts:

IstioCon was filled with insightful talks, and very strategic use-cases ready to be explored. And we are extremely excited about the CNCF announcement! It was amazing to see so many Soloists featured across the IstioCon program, but now we’re looking ahead to KubeCon + CloudNativeCon Europe 2022! is the leader in Application Networking backed by the extraordinary technologies Envoy, Istio and our Gloo Application Networking Platform. Whether you’re in Valencia or attending virtually, be sure to check out all of the Solo activities at this year’s event! We’ll see you there!