Solo.io and Google introduce new, open source, secure, sidecarless architecture to Istio Ambient Mesh.
What is Istio Ambient Mesh?
Istio Ambient Mesh is a new, open source, sidecarless service mesh architecture for Istio. Ambient Mesh enables you to reduce costs, simplify operations, and improve performance for applications running on Istio.
At the core of Istio Ambient Mesh is a new proxy architecture, which moves the proxy to the node-level for mTLS and identity, and allows a flexible policy-enforcement-policy to manage Layer 7 security filters and policies. All of this without sacrificing any of the Zero-Trust Security built into Istio.
Istio Ambient Mesh in Gloo Mesh
Istio Ambient Mesh will be an integrated part of Gloo Mesh, at no additional cost. Gloo Mesh will allow users to run both Istio sidecar-proxy mode and Ambient Mesh mode. This users users flexibility to manage costs, operational simplicity, and performance where it best aligns to application needs.
Move from Sidecar Proxy per-pod architecture to a Proxy per-node architecture.
Istio Ambient Mesh enables an alternative Istio architecture that moves the proxy function from a sidecar to the node-level. This reduces costs by reducing the compute and memory requirements per node. It reduces the number of proxies to manage.
Simplify Operations of the Service Mesh. Making the Mesh transparent to applications.
Istio Ambient Mesh simplifies operations of the service mesh by making upgrades easier, adding new applications easier, and making the mesh more transparent to applications.
Improve application performance.
Istio Ambient Mesh gives users control over application performance with a flexible Layer 4 and Layer 7 proxy architecture.
