Tanzu Service Mesh and Global Namespaces

April 2, 2020 Niran Evenchen

Tanzu Service Mesh, previously called NSX Service Mesh, is VMware’s unique entry into the service mesh arena that was recently made available for purchase.  

One of the primary constructs of Tanzu Service Mesh is the concept of a Global Namespace (GNS). GNS allows developers using Tanzu Service Mesh, regardless of where they are, to connect application services without having to specify (or even know) any underlying infrastructure details, as all of that is done automatically. With the power of this abstraction, your application microservices can “live” anywhere,  in any cloud, allowing you to make placement decisions based on application and organizational requirements—not infrastructure constraints. This higher-level abstraction lets you continue to deploy multiple Kubernetes clusters for multitenancy, availability, or separation of stateful and stateless workloads while providing connectivity to and between them as if they were a single cluster. 

You can also “move” application services without having to change anything in the application itself, which brings the idea of multi-cloud or hybrid-cloud workloads to life. This cross-domain/cross-cloud communication requires additional security considerations, so GNS encrypts the traffic, end to end, between the services across clusters and clouds.

In GNS, we group the services that compile our application into a “sandbox.” These services can exist in multiple Kubernetes clusters and even clouds. By grouping the services into this “sandbox,” we abstract the application from any underlying infrastructure details, allowing us to apply service mesh capabilities such as service discovery, identity services for mTLS, auth policies, and other features to the abstracted application and not to the services. 

A demo is almost always the best way to highlight new functionality, so we have prepared one to illustrate the capabilities of Tanzu Service Mesh. In this demo, a Global Namespace is created to deploy an abstracted application framework across clouds and Kubernetes clusters. We also show how easy it is to onboard new clusters to our service and build a new GNS to establish its service discovery and encryption capabilities.

The application used for the demo is called Acme Fitness. It can be found here.

To learn more about service mesh broadly and the capabilities of Tanzu Service Mesh specifically, download Service Mesh for Dummies. It provides an introduction to both service mesh concepts and the features of Tanzu Service Mesh.

About the Author

Niran (@niranec on Twitter) is a senior product line manager for VMware Tanzu Service Mesh with 20 years of experience in VMware and cloud technologies.

More Content by Niran Evenchen
Previous
Learn How to Build Applications on Kubernetes at VMware’s KubeAcademy
Learn How to Build Applications on Kubernetes at VMware’s KubeAcademy

This new KubeAcademy course teaches developers how to how to build applications on Kubernetes.

Next
Learn How to Configure and Leverage Kubernetes Cloud Providers at KubeAcademy
Learn How to Configure and Leverage Kubernetes Cloud Providers at KubeAcademy

KubeAcademy from VMware has launched a new course called Integrating with Cloud Providers.