Open-sourced in 2017, Istio is a highly extensible and widely used service mesh developed by Google, IBM, and Lyft. Using Envoy as the sidecar proxy, Istio simplifies traffic management, security, connection, and observability in distributed systems. Being a collaborative project from three tech giants, Istio is a rich-featured service mesh with advanced capabilities, including load balancing, policy creation, traffic routing, and service-to-service authentication.
Like many other service meshes, AWS App Mesh uses the Envoy sidecar proxy to provide application-level networking and management of ingress and egress traffic to services. It is a fully managed service mesh built for the AWS-managed Kubernetes platform, EKS, integrated with other AWS services, including Amazon EC2 and AWS Fargate. AWS App Mesh offers circuit breaking incorporated with Prometheus or AWS X-Ray to provide visibility into the observability metrics generated by the service mesh.
Kuma is an open source platform-agnostic service mesh created by Kong. It was designed to augment the usability and ease of operation of already existing service meshes. Kuma supports Kubernetes and virtual machines and provides networking needs with enhanced security, observability, and inter-service connectivity. Kuma is an easy-to-implement service mesh that comes with pre-bundled policies such as routing, mTLS, fault injections, traffic control, and other helpful networking and security features.
Network Service Mesh offers low-level heterogeneous network configurations for Kubernetes. NSM is described as a “connection-centric service mesh” ideal for use in advanced systems such as edge computing, 5G networks, and IoT devices. It is a sandbox project with the CNCF.
NGINX Service Mesh is a simple, lightweight service-to-service networking service that provides scalable, secure, and unified ingress and egress traffic management for Kubernetes clusters. It uses its homegrown ingress controller and NGINX Plus as the sidecar proxy and provides observability through integration with Prometheus, Grafana, and Open tracing. It is a developer-friendly tool that is suitable for small and enterprise-scale Kubernetes environments. Its unique traffic-handling features include service throttling, rate shaping, A/B testing, and canary releases.