This year’s KubeCon China marked its first-ever occurrence in Hong Kong, spanning three days. As a participant and a panel moderator, I will share in this article the highlights of the conference and the in-depth discussions on service meshes and gateway technologies.
This edition of KubeCon introduced a theme on AI and developers, here are some of the focal points:
Practical Applications of Cloud Native Technologies in Industries: Especially in the electric vehicle and cybersecurity sectors, such as the joint discussion by Huawei and NIO on how cloud native technologies can accelerate innovation in electric vehicles.
The Power of the Kubernetes Community: Detailed discussions on the influence of China’s Kubernetes community and its role in advancing regional cloud native activities.
The Integration of Open Source Technology and Artificial Intelligence: Discussions on the advanced position of China and Hong Kong in the fields of open source and AI technologies and how these are driving regional technological innovation and development.
Latest Developments in Service Meshes and API Gateways: Including updates on service mesh technologies and how they work in conjunction with Kubernetes schedulers to enhance system throughput.
New Strategies for Supply Chain Security: Focusing on the latest developments in securing supply chains, particularly practical guidelines on SLSA compliance.
Multicluster Management and Edge Computing: Discussions on strategies for effective management and innovation across different architectures and systems.
Optimization of AI Large Model Inference Performance: Discussion on performance acceleration in serverless architectures for AI large model inference and related technological advancements.
In a roundtable discussion that I participated in with industry leaders from Tetrate, Alibaba Cloud, and Kong Inc., we delved deeply into the latest developments and integrations of Istio and API gateways.
Innovations in Istio: We discussed the latest version update of Istio (Istio 1.123) and key features such as optimizations in the Ambient mode, a new architectural choice that reduces resource consumption while enhancing performance.
Practical Comparison Between Ambient and Sidecar Modes:
Challenges in the Development of Ambient Mode: Despite its advantages, Ambient mode still faces challenges in complex traffic management and multi-tenant environments.
Service Mesh Optimization Strategies: Discussing methods to enhance the performance and efficiency of cloud applications through service mesh improvements.
Integration of Service Meshes and API Gateways: Demonstrating how these two technologies work together to support more complex deployment and operational modes.
In the presentation by Zhonghu Xu and Jianpeng He, we gained insights into the possible future directions of Istio:
Dual Mode Drive: Istio is likely to support both the Ambient mode and the traditional Sidecar mode simultaneously. Ambient mode suits users seeking performance and cost optimization, while the Sidecar mode will continue to support users requiring comprehensive functionalities.
Support for Gateway API: Istio’s support for the Gateway API provides users with more flexible routing and policy configuration options.
Application of Waypoints Strategies: Waypoints need not be limited to Istio or Envoy. Using the Gateway API and GAMMA, any standard-compliant implementation can serve as a Waypoint, offering greater flexibility and scalability for service meshes.
They emphasized the Sandwich Waypoint, which supports:
istio.io/use-waypoint: {namespace}/{gateway-name}
annotation, traffic to a target service, pod, or within a namespace can be redirected to the same Waypoint.This represents a mode in Istio’s Ambient mode for capturing layer 7 traffic, as illustrated below.
The steps for capturing layer 7 traffic with Istio Sandwich Waypoint are as follows:
In a presentation at KubeCon, Huabing Zhao discussed how Envoy Gateway enhances its capabilities and flexibility by extending the Kubernetes Gateway API, covering a wide range of matching and routing capabilities, new resource and policy models, and details of security policies.
Through this conference, we gained insights into Istio’s Ambient mode and the developments in Envoy Gateway. The discussions on these technologies not only forecast future trends but also provided practical insights to facilitate the implementation and innovation of technologies.
Last updated on Nov 7, 2024