Ambient Mesh for Agentic Workloads and AI Growth

Strengthen your cloud-native security posture with Istio and ambient mesh. Learn how ambient enhances zero-trust architecture, simplifies mTLS, reduces attack surface, and decouples security from app logic, all with less operational overhead.

Considering migrating from Istio sidecars to ambient mesh? Learn about the key challenges, risks, and benefits of ambient, including improved performance, lower costs, and operational simplicity, plus tips to plan a safe, successful transition.

Today, we’re excited to share the next major milestone: Agent Gateway is now a full-featured, AI-native gateway that combines deep MCP and A2A protocol awareness, robust traffic policy controls, inference gateway support, Kubernetes Gateway API support, and unified access to major LLMs, all purpose-built with Rust for real-world agentic systems.

Discover how Ambient Mesh architecture can reduce service mesh infrastructure costs by up to 92% compared to traditional sidecar deployments, with real-world savings

Learn how Ambient Mesh revolutionizes service mesh architecture by eliminating sidecars and introducing a split proxy approach for better performance and operational simplicity.

While the A2A specification provides the critical first steps toward discovery with Agent Cards, the infrastructure for truly dynamic, scalable agent ecosystems requires additional components that the spec intentionally leaves “up to you.” In this blog, we dig into those missing pieces.

Digging into the details of the MCP Authorization Spec

Deep dive into MCP Authorization, step by step with examples and in-depth detail

Digging into AI identity and how the current SPIFFE models may need to be revised to support AI Agents

Digging into the llm-d project and how it does distributed inference.

AI Reliability Engineering (AIRE) bringing AI agents to SRE and Platform Engineering workflows for dependable humans

Secure Kubernetes workloads with Istio Ambient and SPIRE. Gain robust workload identity, mTLS, and scalable identity management without sidecars.

In March 2019, AWS announced general availability of AWS App Mesh which is a service mesh implementation that can be run across AWS services such as Fargate, ECS, EKS and EC2. Organizations now have multiple options for service mesh available in AWS including the AWS App Mesh service, other service meshes directly in EC2 (Linkerd, Istio, etc), or a combination of them both. This post will cover AWS App Mesh.

Powered by Gloo Gateway, Solo.io helped Ingenico modernize its global payments infrastructure—boosting scalability, resilience, and developer autonomy. Explore their journey to building a fault-tolerant, future-ready platform.

ParkMobile’s Platform Engineering team utilized Kubernetes and Gloo Gateway to drive innovation, scalability, and seamless mobility solutions while fostering a culture of collaboration and technological excellence.

Powered by Gloo Gateway, Solo.io helped Vonage modernize its cloud infrastructure, enhancing scalability, reliability, and developer autonomy. Explore their journey to a building an efficient and agile platform.

Powered by Gloo Gateway and Gloo Mesh, Solo.io helped Domino’s UK transition from a monolithic system to a microservices-based architecture. Learn about our 18-month journey to transform the way they operate.

Compare features across Gloo Mesh Enterprise, Gloo Mesh Open Source, and Basic Open Source Istio.

Navigating the complexity of modern applications requires a key ally – observability. Observability empowers teams to streamline application debugging, and within the architecture of a service mesh, provides valuable insights that increase reliability and performance.

Challenges and approaches to multi-cluster deployment patterns

Using a service mesh as a layer to unify communications between applications, services, and workloads empowers teams to modernize their systems, deliver faster results, and improve performance for modern enterprises.

Download our Buyer’s Guide to API Gateways and learn about the modern requirements of API gateways in our guide’s comparison of five leading API gateway providers.

How your organization can ensure safer cloud architecture by applying a zero trust network security model

With automated API management, organizations save time and resources and streamline the development process.

The rise of microservices architecture has brought about a significant shift in how software is developed and deployed, and as such, has presented new technical and organizational challenges.

How a service mesh can help your organization simplify the adoption of a distributed architecture

See how top vendors with Istio-based service mesh offerings compare

Integrating LLM models in your applications? See our infographic to learn the top four reasons why you need an AI Gateway!

Kong Gateway offers a very capable competitor to Gloo Gateway by Solo.io, but there are growing questions about the efficacy and stability of the Nginx open-source community behind the technology.

Apigee suits Google Cloud, but its traditional approach clashes with modern practices. In contrast, Gloo Gateway by Solo.io aligns with cloud-native strategies.

Unlock the full potential of your microservices architecture with the strategic integration of API gateways. While microservices provide flexibility and scalability, they also introduce complexities that can impede seamless communication between services. Discover the crucial role of API gateways in overcoming these challenges and optimizing your microservices ecosystem.

Solo.io Free Lab: Learn how to preserve and migrate EnvoyFilter configurations when transitioning from sidecar to ambient mode in Istio using Solo.io’s extended build, with step-by-step guidance and validation.

Secure your Istio Ambient Mesh with SPIRE. This hands-on lab shows how to integrate SPIRE with Gloo Mesh to issue SPIFFE identities and certificates for ztunnel and mesh workloads.

Learn how Ambient Mesh uses ztunnel to secure traffic without sidecars. This free lab walks you through joining workloads, observing traffic, verifying mTLS, and applying Layer 4 policies.

Solo Academy | Learn the fundamentals of service mesh in this free video-led course and get insights into using a service mesh to enhance your observability, security and reliability of your applications

Solo Academy | Learn the basics of Istio with our free 101 course. Understand what Istio is, how it works, and its features for traffic management, security, and observability in microservices and Kubernetes.

Solo Academy | Master Envoy Proxy basics with our free 101 level course. Learn about the architecture, advanced load balancing, observability, and role in microservices, Kubernetes, and service meshes

Solo Academy | Learn API Gateway fundamentals in Kubernetes with this free beginner level video-led course. Discover how API Gateways control traffic, secure connectivity, and complement microservices architecture

Solo Academy | A fundamental level workshop for developers and operators to learn Istio service mesh. Install Istio, secure services, control traffic, and earn a Solo.io certification through hands-on labs.

Solo Academy | Hands-on workshop introducing the core concepts of Envoy Proxy. Learn how Envoy works under the hood from its architecture, filter chains, and request flow and beyond the abstractions of service meshes and API gateways.

Solo Academy | Free hands-on workshop for operators looking to deploy Istio in production. Learn advanced routing, observability, security, mTLS, and multi-cluster setup and g free certification.

Explore how to integrate kgateway's ingress gateway with Istio Ambient Mesh in this free hands-on lab. Learn to deploy workloads, configure Gateway and Route resources, and enable automatic mutual TLS between the gateway and backend services.

Learn how to deploy and configure kgateway as a waypoint in Istio Ambient Mesh. This free hands-on lab walks you through managing east-west traffic, applying custom policies, and enhancing service communication with enterprise-grade control.

kgateway labs | Consumption Reporting

Learn how to enable the AI extension, configure gateway parameters, and deploy an AI Gateway using kgateway to route requests to large language models (LLMs) from within your Kubernetes cluster.

Create Your First AI Agent with Kagent in Kubernetes

Kagent Lab: Integrate tools from MCP servers with kagent

Gloo AI Gateway Labs | Semantic Caching with Gloo AI Gateway

kgateway labs | Managing LLM Credentials with kgateway - AI Gateway

Kgateway labs | Managing Prompts for Enhanced LLM Performance

kgateway labs | Content Safety with Prompt Guards

Ambient Mesh Lab | Migrate from Sidecar-based Service Mesh to Ambient Mesh

Mastering Multi-Cluster Scalability with Ambient Mesh

Simplify Mesh Management with Gloo Cloud: Onboarding, Ingress, Egress, and Service Mesh

Solo Lab | Waypoints in Ambient Mesh: For L4 and L7 Security, Traffic and Observability Insights

Exploring the Gateway API Inference Extension with kgateway

Securing Services with Gloo Gateway: TLS Termination and API Keys

Route Delegation in kgateway

Canary releases with Argo Rollouts & kgateway

Understanding kgateway patterns of extensions

GatewayAPI support for service mesh with kgateway

Exploring HTTPRoute resource configurations with kgateway

Configuring gateways across multiple teams with kgateway

Configure HTTPS with the Gateway API and kgateway

Understanding the basics of Kubernetes Gateway API with kgateway

Installing kgateway, an open-source implementation of the Kubernetes Gateway API

Join our free, on-demand lab Employing Circuit Breaking to safeguard services with Istio Ambient mode. Learn to deploy waypoints, configure circuit breaking, and monitor using metrics, logs, and Prometheus.

Join our free, on-demand lab Configuring Fault Injection to enhance resiliency with Istio Ambient mode. Learn to observe system latency, configure delays, timeouts, retries, and augment with outlier detection.

Join our free, on-demand lab Using Outlier Detection to learn how to configure Istio Ambient mode to avoid unhealthy workloads. Discover steps to implement outlier detection, assess workload health, and monitor metrics effectively.

Join our free on-demand lab, Implementing Timeouts, and learn how to protect applications from slow upstream services with Istio. Discover how to prevent indefinite errors, configure and verify timeouts, and decouple resiliency concerns from your apps.

Free K8s Gateway Lab: Deploy, Secure, and Rate Limiting with Solo's Open Source Gateway

Learn how to route traffic using waypoint proxies in ambient mesh.

Learn how to secure services in your Kubernetes cluster using ambient mesh and mTLS.

Learn how to enforce access control and write authorization policies for L4 and L7 traffic.

Learn the basics of ambient and how to set up your first environment.

Learn how to view metrics and traces from L4 and L7 traffic in ambient mesh.

Sign up for the free, hands-on technical labs.

Sign up for the free, hands-on technical labs.

Sign up for the free, hands-on technical labs.

Sign up for the free, hands-on technical labs.

As organizations unlock the potential of generative AI, one thing is clear: a modern, scalable API strategy is essential. In this complimentary Gartner® report learn how software engineering leaders can evolve their API programs to accelerate innovation, reduce risk, and control costs in the AI era.

Get to grips with API management in the age of cloud and AI. Discover the benefits of Omni-directional API management and learn about its pivotal role in architecture modernization.

Learn how Solo.io is lowering the barrier to service mesh adoption with Ambient Mode. Discover how you can deploy Istio ambient mode in production with the help of Gloo Mesh.

A service mesh is a dedicated infrastructure layer that helps manage and secure communications between microservices within a distributed application.

A service mesh is a dedicated infrastructure layer that helps manage and secure communications between microservices within a distributed application.

Migrate your project from ingress-nginx and the Ingress API to the Kubernetes Gateway API with kgateway—an open-source Gateway project powered by Envoy.

In our white paper Migrating from Sidecars to Sidecarless to Ambient Mesh, we share how sidecars and Ambient mode can work together, allowing for a gradual migration strategy.

Read our white paper and learn how to select the right AI Gateway to help you navigate the challenges of working with AI workloads.