[rev_slider alias="slider-5-blog"][/rev_slider]
Digital Transformation
Service Mesh

Why do you need Istio when you already have Kubernetes?

If you’ve heard of service mesh and tried Istio, you may have the following questions:

  1. Why is Istio running on Kubernetes?
  2. What is the role of Kubernetes and a service mesh in the cloud-native application architecture, respectively?
  3. What aspects of Kubernetes does Istio extend? What problems does it solve?
  4. What is the relationship between Kubernetes, Envoy, and Istio?

This article will take you through the inner workings of Kubernetes and Istio. In addition, I will introduce the load balancing approach in Kubernetes, and explain why you need Istio when you have Kubernetes.

Read More
Announcements, Funding, Tetrate

Series B financing : Next step in Tetrate journey

I’m excited to announce that Tetrate has raised $40M in Series B financing, led by Sapphire Ventures, with participation from  Scale Venture Partners, NTTVC, and previous investors, Dell Technologies CapitalIntel Capital, 8VC, and Samsung NEXT.  I would like to thank my colleagues (aka Tetrands), investors, customers, partners, and friends for their continued support.

The funding will allow us to expand our go-to-market operations globally and double down on engineering to further support our customers in building their connectivity fabric with Tetrate Service Bridge, the only hybrid cloud application networking platform. It will also help us bring Tetrate Cloud, a new SaaS offering to market: a fully managed Istio based service mesh platform to enable “one experience, any cloud.”

Read More
NGAC, Security, Service Mesh, Zero Trust


Different companies or software providers have devised countless ways to control user access to functions or resources, such as Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). In essence, whatever the type of access control model, three basic elements can be abstracted: user, system/application, and policy.

In this article, we will introduce ABAC, RBAC, and a new access control model — Next Generation Access Control (NGAC) — and compare the similarities and differences between the three, as well as why you should consider NGAC.

Read More
Case studies, Istio

How NetEase Qingzhou Enables Microservices Architecture Evolution with Istio

Author Fei Pei is a senior architect at NetEase Qingzhou.

In a company with diverse internet businesses like NetEase, each business has its own unique choice of microservices tech stack and system architecture based on their business nature and team composition. While this might seem harmless at the initial stage of business development, as the businesses grow, the business scale, level of complexity, and team composition will vary.

Read More
Case studies, Istio

How Coohom Uses Istio to Integrate a New Serverless System into its Existing Self-developed Java System

Coohom successfully launched its home cloud design platform based on the core technology of distributed parallel computing and multimedia data mining. The platform is committed to the research and development of cloud rendering, cloud design, BIM, VR, AR, AI, and other technologies, in order to achieve the experience of “What You See Is What You Get”. It is a SAAS cloud software service platform that generates a design plan in 5 minutes, a rendering in 10 seconds, and a VR plan with a single click.

Read More
Case studies, Istio

An Istio-based Traffic Management Use Case of eBay

As a centralized cloud platform, Kubernetes manages multiple heterogeneous applications, including online services, big data, and backend searches. The number of clusters reaches up to the hundreds. In large clusters, thousands of microservices and hundreds of thousands of pods are run in a single cluster. Needless to say, different types of applications have different traffic management needs. The question then arises: how do we address these different needs with a centralized model? In fact, this is the biggest challenge that eBay has been seeking to tackle for years.

Read More
AWS, Tetrate, Tetrate Service Bridge

TSB CI/CD Pipeline on Gitlab deploying application in AWS

As code gets signed off by a developer, it goes to the infrastructure teams that deploy it in the dev/test environment and then validate it via a number of tests. The developer’s skill set usually doesn’t include knowledge of Kubernetes, service mesh parameters, or Ingress gateways. Beyond knowledge, there is usually enterprise grade separation of roles: the developer shouldn’t have access to the network configuration, unnecessary monitoring tools, and certainly not security objects such as certificates.                           

Read More
Istio, Open Source, Tetrate

Using Traefik Ingress Controller with Istio Service Mesh

The Istio service mesh comes with its own ingress, but we see customers with requirements to use a non-Istio ingress all the time. Previously, we’ve covered integrating NGINX with Istio. Recently we’ve been working with customers that are using Traefik ingress. With some slight adjustments to the approach we suggested previously, we at Tetrate learned how to implement Traefik as the ingress gateway to your Istio Service Mesh. This article will show you how.

Read More