Senior DevSecOps Engineer at a computer software company with 1-10 employees
Real User
Top 20
2024-08-26T18:23:49Z
Aug 26, 2024
There's a new product being worked on, with contributions from the team at Solo.io, called Ambient Mesh. This is being built into the open-source project. The purpose of Ambient Mesh was to make it more scalable, possibly getting rid of the sidecars on services to lower latency. Does it make Istio simpler or easier to use? I don’t think so. It might actually increase complexity, but it could work well for specialized use cases. But, you'd need knowledgeable engineers to implement it properly. So, I think Istio has issues with performance and scalability. I guess that's the best way to put it. I recently worked with a customer who was running a performance test with Istio. Their test involved creating 500 to 1,000 namespaces with a large number of sample services that were all being rolled out together. What we found was that Pilot, one of Istio's components, was crashing, causing the performance test to fail. This isn’t a very common use case, spinning up a thousand services all at once, but it was overloading the control plane. We found that increasing the replica count on the control plane sometimes leads to issues with leader election. Pilot doesn't handle leader election very well, but a recent bug fix by the Solo.io team has improved this aspect. So, in terms of scalability, it’s improving. That's the best way to put it.
Based on my experience, the solution could be improved. They could simplify the learning process so that users can understand how its features work together, especially with components like Kibana. Learning about the different components is necessary. For instance, you need to understand the traffic flow, potential bottlenecks, and the architecture within Istio.
Istio has very few community forums. It would be good if the solution had more community forums. Recently, we have faced an issue. We were using an old version of Istio. Our Kubernetes version in our cluster was about to upgrade, and it was incompatible with the old version of Istio. Our whole production system went down, and we faced a lot of service outages because of that. If you have an old version of Istio installed, it should be compatible with all the Kubernetes versions.
VP of Engineering at a healthcare company with 201-500 employees
Real User
2021-01-16T02:48:13Z
Jan 16, 2021
For our use case that we applied it to, there were graph queues and the calls that were coming in. There were the things that we couldn't apply at the time, but it kind of worked.
Connect
Intelligently control the flow of traffic and API calls between services, conduct a range of tests, and upgrade gradually with red/black deployments.
Secure
Automatically secure your services through managed authentication, authorization, and encryption of communication between services.
Control
Apply policies and ensure that they’re enforced, and that resources are fairly distributed among consumers.
Observe
See what's happening with rich automatic tracing, monitoring, and...
At the moment, there are no immediate improvements needed. Reducing the latency between the control plane and the data plane would be beneficial.
There's a new product being worked on, with contributions from the team at Solo.io, called Ambient Mesh. This is being built into the open-source project. The purpose of Ambient Mesh was to make it more scalable, possibly getting rid of the sidecars on services to lower latency. Does it make Istio simpler or easier to use? I don’t think so. It might actually increase complexity, but it could work well for specialized use cases. But, you'd need knowledgeable engineers to implement it properly. So, I think Istio has issues with performance and scalability. I guess that's the best way to put it. I recently worked with a customer who was running a performance test with Istio. Their test involved creating 500 to 1,000 namespaces with a large number of sample services that were all being rolled out together. What we found was that Pilot, one of Istio's components, was crashing, causing the performance test to fail. This isn’t a very common use case, spinning up a thousand services all at once, but it was overloading the control plane. We found that increasing the replica count on the control plane sometimes leads to issues with leader election. Pilot doesn't handle leader election very well, but a recent bug fix by the Solo.io team has improved this aspect. So, in terms of scalability, it’s improving. That's the best way to put it.
Based on my experience, the solution could be improved. They could simplify the learning process so that users can understand how its features work together, especially with components like Kibana. Learning about the different components is necessary. For instance, you need to understand the traffic flow, potential bottlenecks, and the architecture within Istio.
Istio has very few community forums. It would be good if the solution had more community forums. Recently, we have faced an issue. We were using an old version of Istio. Our Kubernetes version in our cluster was about to upgrade, and it was incompatible with the old version of Istio. Our whole production system went down, and we faced a lot of service outages because of that. If you have an old version of Istio installed, it should be compatible with all the Kubernetes versions.
If someone doesn't understand Kubernetes, they'll have issues working with Istio.
Istio's documentation is basic and would benefit from more examples. It's also difficult to set up, and some of its security features are restrictive.
For our use case that we applied it to, there were graph queues and the calls that were coming in. There were the things that we couldn't apply at the time, but it kind of worked.