In light of the collaboration that marks the cloud native community’s approach to today’s distributed workplaces and environments, the title hashtag of KubeConEU 2021 was #TeamCloudNative. This year’s virtual conference brought together this massive community and included hundreds of sessions and 11 distinct Zero Day co-located events. 

The New Stack issued their key takeaways from Wednesday’s keynote talks related to such topics as GitOps and CI/CD, data management, and edge deployments. (They’ll discuss these further in a live session with Cheryl Hung, Bryan Liles, and host Alex Williams Tuesday, May 11, 2021, at 8 a.m. PDT).

Making developer lives easier was a major theme of KubeCon EU– along with addressing the overall complexity of cloud native systems and infrastructures that span multi-cloud, multi-cluster, multi-mesh, multi-etc.

Tetrate was proud to be a diamond sponsor of Cloud Native Wasm Day and to send five engineers to KubeCon and its co-located events. (Created by Istio founders, Tetrate is a top contributor to Istio and Envoy and recently announced the general availability of Tetrate Service Bridge, an application connectivity platform that provides a management plane to control a mesh-managed environment that can run anywhere). So Tetrate’s “envoy” of KubeCon speakers gave talks focused on open source and enterprise-grade solutions to solve for the complexities of today’s heterogeneous infra landscape.

Cloud Native Wasm Day: Extensibility with Wasm

The introduction of WebAssembly (Wasm) into Istio and Envoy– which makes building extensions (e.g., adding custom filters or security controls) much more accessible to developers– is a huge milestone in the maturation of the cloud native and service mesh technology stack. As Cloud native + Wasm are the new chocolate and peanut butter, Cloud Native Wasm Day got its own Zero Day event this year. In a keynote talk, Tetrate engineer Takaya Saeki described how Proxy-Wasm opens up significant possibilities to create secure extensions for applications running in Istio and Envoy environments. Notably, Tetrate is the creator of the open source GetEnvoy Extension Toolkit that makes it even easier for developers to get started writing such extensions.

Summary of Wasm beyond the browser

Wasm talk Doodles showing the benefits of Wasm and Proxy-Wasm

KubeCon: Cloud Native Apps with Service Mesh + Spring

At KubeCon, Tetrate’s Adam Zwickey and Liam White presented “Turning Your Cloud Native Apps Inside Out With a Service Mesh,” describing the benefits of operating an Envoy-based service mesh to manage your environment and enhance development practices. Liam and Adam covered common building blocks for building cloud native applications– specifically using the Spring ecosystem and Netflix OSS, and described how a service mesh fits in with this type of architecture. (In their demo, they walk through a migration example showing how to use Netflix libraries to introduce a service mesh into the app; you can check out the code examples). 

Architecture with Service Mesh and Spring

What they showed is what service mesh architecture and Spring can bring to the table: an easy way to get started and build microservice applications with Spring Boot; a way to decouple the common cloud native patterns out of the application to simplify the architecture, allow us to take a polyglot approach, and introduce non-Java services into our app architecture; and a way to simplify once we begin to span multiple Kubernetes clusters, multiple cloud environments, or multiple cloud providers themselves, making the semantics for expressing that for application much easier and allowing us to introduce non cloud native applications into our cloud native architecture. 

Doodles from KubeCon presentation on the benefits of Service Mesh Architecture + Spring

Service Mesh Con: Istio and non-Kubernetes Workloads

It can be argued that for service mesh to be fully utilized as an infrastructure model for enterprise applications, the ability to support legacy apps running in VM is a significant request. Since Istio 1.6, VMs have been increasingly integratable as first class citizens in the mesh. We can truly see the adoption of Istio in enterprise environments– something that was being addressed by Tetrate’s Zack Butcher (with Sven Mawson of Google and Pratima Nambiar of Salesforce) and Petr McAllister in their respective talks.

In both sessions, we can learn that Istio has provided us with important primitives that can be utilized to describe a workload and configuring its behaviour inside a network so that in the end, it can be viewed and onboarded as a service mesh citizen just like a Kubernetes-based workload. The onboarding process is flexible and can fit almost any existing infrastructure architecture, thanks to the availability of tools that provide a solution.

It’s an exciting time for enterprises to start onboarding their apps running in VM, and to embrace the benefits of running it in multiple cloud and cluster while gaining security, connectivity, observability, and resiliency benefits of service mesh. Large organizations such as Google and Salesforce have already adapted to this Istio ability and it’s an invitation for others to follow in the footsteps.

Doodles on VMs in the service mesh

This post was written by Tetrate content writers Adityo Pratomo– whose doodles from the talks are included– and Tevah Platt. Contact Tetrate to talk to an expert about Istio, Envoy, or the Tetrate Service Bridge product.