The Cloud Native Computing Foundation (CNCF) has announced that its Technical Oversight Committee (TOC) has voted to accept the service mesh Istio into the foundation as an Incubating project.
Istio provides a way to secure, connect and monitor services in cloud-native applications. It offers features like zero-trust networking, policy enforcement, traffic management, load balancing, and monitoring.
“We are pleased to unify Google’s industry-defining stack of cloud native projects — Kubernetes, Istio and Knative — in one home under the CNCF,” said Craig Box, developer relations lead at Google Cloud and Istio Steering Committee member. “Our team has been working to bring the service mesh community together around the Kubernetes Gateway API, and we look forward to seeing, and driving, more such collaboration between CNCF projects. This is a significant milestone for Istio and its community, and we are thrilled to reach this next step in the evolution of the project.”
The project was developed in 2016 by IBM and Google, with collaboration with Lyft, which also built the Envoy projects.
Other significant contributors to the project since its inception include Red Hat, Cisco, VMware, Intel, Huawei, Tencent, Alibaba, and DaoCloud. A number of companies have also been created to offer commercial Istio solutions, such as Tetrate, Aspen Mesh, and Solo.io.
Istio 1.0 was released in 2018, and by 2019 it was the fourth fastest growing project on GitHub.
Istio has also been a supporter of the U.S. government’s mandate of zero trust architectures for federal infrastructure. It co-authored the National Institute of Standards and Technology SP 800-204A standard, which is about how to secure microservices. Governments have also adopted Istio, including the DoD Enterprise DevSecOps initiative.
“Bringing Istio to CNCF further validates its neutrality and maturity as a foundational technology in modern software platforms,” said Nicolas Chaillan, former Chief Software Officer for the Air Force and Space Force and advisor to Tetrate. “Istio has been an integral part in driving security best practices in government and commercial organizations, this will accelerate Istio’s adoption and broaden its impact across the industry.”
The latest release of Istio was 1.15.1. The most significant recent feature is the release of a new operating model, ambient mesh, which moves data plane functionality from sidecar containers into network infrastructure. Currently available as an experimental feature, it is still under community development.