Tetrate Istio Cloud Map Operator

AWS recently announced Cloud Map, a Service Discovery service that allows you to define friendly names for your cloud resources so that your applications can quickly discover the relevant endpoints associated with them.

In Istio, you register services that are external to your mesh to allow services in your mesh to route to them, this is done via an Istio Service Entry. Creating Service Entries allows services from inside your mesh to leverage the various traffic management, security and telemetry features of Istio such as fault injection, TLS origination and access logs; when communicating with external services.

The Tetrate Istio Cloud Map Operator synchronizes with Cloud Map, automatically populating the service discovery information into Istio Service Entries. This allows services running in your Kubernetes clusters to communicate with any services registered in Cloud Map, whether they are running in EKS, ECS or any other service integrated with Cloud Map. The diagram below illustrates an EKS to ECS scenario.


In this diagram there is a collection of frontend services running in an EKS cluster with Istio installed communicating with a collection of backend services running in ECS. The Istio Cloud Map Operator watches Cloud Map for services and service instances being registered/created, then adds the information as Service Entry objects in Istio so that they can be routed to.

For more information, usage instructions and code check out the GitHub repo.

Back to Blog