VMware has introduced NSX Service Mesh, the company's version of the open source Istio platform for connecting,...
managing, monitoring and securing networks of containerized microservices on cloud platforms.
NSX Service Mesh is the latest of several cloud-native technologies VMware has integrated with NSX-T, which is VMware's version of NSX for infrastructures that are not based on the company's vSphere virtualization platform for the data center. NSX and NSX-T are virtual networking and security products, but the latter is stand-alone software with a management interface.
The foundation of the VMware service mesh is Istio, which was developed by Google, IBM and Lyft. Istio enhances the tools vendors provide to manage traffic between microservices, enforce access policies and aggregate telemetry data.
Initially, VMware is using NSX Service Mesh with the cloud-based version of its Pivotal Container Service (PKS). VMware Cloud PKS lets companies run clusters of microservices packaged as Kubernetes containers.
Kubernetes is an open source container orchestration and management tool. VMware's Cloud PKS delivers Kubernetes as a service along with the company's Smart Cluster technology, which automatically adjusts the size of Kubernetes clusters based on demand. The feature improves performance and reduces cost, as public cloud providers typically charge for the resources used.
NSX-T connects the VMware service mesh to Kubernetes containers via the Container Network Interface. CNI provides a standard API for configuring the network layer to apply, for example, network policies that govern how container clusters communicate with each other.
VMware service mesh for DevOps teams
While NSX Service Mesh has networking features, it isn't a product most networking teams would buy, said Shamus McGillicuddy, an analyst at Enterprise Management Associates, based in Boulder, Colo. Instead, other IT groups would use the VMware product to build software tools network managers could use to provision networks for microservices.
"VMware plans to sell this to application platform teams -- the people who build and maintain the infrastructure that app dev and DevOps teams use to develop, test and deploy cloud-native applications," McGillicuddy said.
VMware's rival, Cisco, is also developing technology for provisioning and managing Kubernetes workloads on hybrid and multi-cloud environments. Called the Cisco Container Platform, the product includes a management console for provisioning Kubernetes clusters on premises and on AWS and Google Cloud.
VMware plans to release Service Mesh with support for Cloud PKS in early 2019. The company plans to add support eventually for a federated mesh, which would connect container clusters across multiple cloud providers.