I have Idit Levine back on the show to discuss how solo.io use Istio and Envoy Proxy to provide API Infrastructure from the Edge to Service Mesh.


Chris Ward 0:03
Welcome to chinchilla squeaks. I still I feel like after a day, I could stop saying I’ve rebranded because especially after cube con, I think this interview number five in the past 10 days from cube con alone. So weekly wasn’t really making any sense. I actually have a repeat guest, I’d have to go back and check when the last time we were on was, but I do remember when we met somewhere at a some conference in Berlin, you were so enthusiastic you were working on and I think it was quite early days at the time. really pleased to have you back. And so joining me today, is it living from solo.io? How are you doing? I’m good. I’m doing really well. And still excited. Good to hear. Good to hear. Good to hear. I wish I could remember when it was but I feel like it was maybe two years ago. But let’s start with what Solo is. And then let’s kind of go from there and figure out what you’ve been up to the past couple of years.

Idit Levine 1:08
Yeah, for sure. So I mean, Sutherland and I chose is a trend hearing this all the connectivity problem, that immigration for monolithic to micro services, a concurrent. So you know, when you really move from monolithic to micro services, that gave a lot of benefit to a lot of people who actually adopt micro services, though, it also creates some challenges, and specifically, the challenges around the conductivity. So, you know, three challenges, main challenges that I recognized back then when I started, one thing is that how do I expose my application infrastructure to the outside world? How do I connect to applications running in my infrastructure? as well as how am I taking those micro services and compose the application from it? And those those three problems should have been solved? And we basically, yeah, we basically were excited about solving it. So we had two main products that we in the company. One of them is API gateway built on top of Android, a, and it’s named glue edge. And basically, it’s going to solve the two first problem, which is how do you expose your application to the outside world as well as how do you connect to application that they’re running on your infrastructure as a internet gateway, as I said, it’s built on top of envoy, which means that we are running in production for the last four years, we know it in and out, we customize that, and so on. So that’s the first product. And the second product is called glue mesh. And glue mesh basically, is trying to solve the third problem, which is how do you compose those application, and he did not just what glue matches is a management plan for service mesh. Specifically, it’s coming out of the box with so many solution like app mesh and open service mesh, when it will be available for Microsoft. And and the idea is trying to solve is the fact that they’re going to be more than one instance. So first of all it for service mesh, doesn’t matter if it’s the same, right? Like we see customers running, I don’t know, you know, we have anything from 40 data, 40 clusters, 240, data center and 1000 clusters and running str on each of those clusters. So the question is, how do you manage that? That’s number one, how do how can we help with make it easier to even if you’re only running one, cluster one it still so so basically, it’s helping them, they do operation with the management and so on. So take those two, that’s basically solving all the problems in the connectivity. And of course, we have stuff that you need anyway, if you solving it like developer portal, as well as we extending that platform with a web assembly. So basically, will we build a way to, to basically extend those key data planned envoys basically with with with web assembly, so then in the neck,

Chris Ward 4:04
didn’t see that as one of the buzzwords that web assemblies has become up everywhere, and it’s gonna come up a lot at cube con this year? for good reason. Yeah, it’s I think that it will be everywhere. So just to break apart a few things, because you mentioned a lot of different names there. And if you look on the homepage for solo, you see service mesh, build on sto envoy proxy, which are two existing open source projects. And then you have glue, edge mesh, portal, extensions, cloud, etc. So what what is, what are the How are the different parts relating to each other? Are your commercial products built on top of sto and envoy? Or are they complementing them and filling in gaps like what’s the relationship between all the different parts?

Idit Levine 4:51
So the way our product is working is that all of them are open source and we have the core core model. So basically, there is an open source. So there is talk To be up on this 1000 people right now using an STL, you know, glue and glue mesh and basically not being so damn, which is totally fine. And we totally appreciate that. But they there is also a comp enterprise component that we’re putting on top of it that differentiated. So that’s kind of like our business model is working to its core product. It’s something like I don’t know, like, what actually doing, for instance, any other companies. So that’s that in term of the open source itself. So we are adding on top of it, right. And that’s basically the idea. So in the eight gateway case, we taking envoy envoy is something that you shouldn’t manage, like they did you know, the configuration files should not be written by humans, it should be really mentioned. So yeah, it’s really human. And therefore, what we have is a control plan, basically, which is glue. That’s basically what it’s not to do is to look at your environment, look at your, you know, your secret, get configuration from you, and basically see the configuration to envoy every time that something changed. So basically, it’s a very simple, quite a, you know, it’s watching everything every, every time that something changes, just creating the snapshot, serving into endpoint, that the API gateway, and in animal in the sto part or the service mesh, one, it’s focusing on problem that the open source is just not solving it, you know, one right now one sto from one cluster, you probably can take it from upstream, what we adding on top of it, first of all, if you want something like FIPS compliance, if you want support, right, and making sure you know, long time support, because they the community one is offering only a managed one, I think. So we have like in minus four and so on. So that’s the first thing. But it’s going all the way to you know, again, it depends where you are in the on your on your journey, but it’s going to go all the way to crazy multi clusters and failover and routing based on localization and so on. So there is it’s really depends where you are in the in the during the journey, but it’s all stuff that we are adding on top of it, including wasum extensions on something that we doubled it.

Chris Ward 7:10
I feel like that might be one of the answers to the next question. So yeah, what what have you been up to in the past two years? I think it was quite early days, two years ago. If that if that’s correct. I think it must have been two years ago. Yeah. What have you been? I remember you actually showed me a demo. I think of glue, I think. Yeah. I think he showed me a demo, which was kind of nice. Yeah. And what’s been what’s been out? Yeah.

Idit Levine 7:36
Yeah, I mean, what are we doing? So basically, soy is very unique in the way we working, which is we working really, really closing with our customers. So like, we have very, very close relationship with them. To be honest, when we talk two years ago, I started glue, it was sounds like a very, very good idea. But it’s not even close to where it is right now, in the point of how better it is right now and why it’s better, it’s better because of customers, right? So basically, what we did, you know, we sell it to a very, very big organization. And suddenly they tell us, yes, but we need this. And we need to add, and we did that, right. And we basically was working very hard to build them everything that they need. And in my opinion, by far is the best API gateway that exists today. Based on top of fanboy the architecture is very clean, it always was clean, you know, from the get go and re architect or something, it’s and so on. So there is a lot of differentiator that we’re doing there, there are a lot of envelope filter that we wrote, we have wife, we have, you know, transformation, we have soap filter for Android, and so on. So there is that stuff that makes it very, very better. So in the Nexus glue edge today is a very solid product. I mean, I’m sure you guys using it, because you don’t even know but trust me you are because there’s so much customer right now that using it that you know, you probably use your invite, but without knowing. So that in terms of glue, a glue edge glue mesh is again is you know, basically to cover the service mesh. And again, just pushing the boundary. That’s basically what we’re doing bringing more stuff. So the stuff that we have in our product is just not exist in the market somewhere else. And, and the stuff that we’re going to announce soon will be events, something for sure that no one has, which is really, really exciting. But But you know, stuff like for instance leading their web assembly ecosystem on envoy and create a Docker like experience to extend that to our product, working along with a customer and hearing what they need and build it. So yeah, I mean, I mean, it did not just we were just busy of making a robust product and working with our open source and closed source enterprise community to basically just you know, build a very good product and as I said we pushing so you will see well coming for us for like a month or two and I think that that’s would be pretty exciting.

Chris Ward 9:57
I’m actually was interested in hearing a bit About the portal is that? Firstly, is that also open source? Or is that something you are adding as a commercial?

Idit Levine 10:09
No, that’s specifically we kept the commercial that would make sense, I think. Yeah. So I mean, I mean, the stuff that is said that, we talked about glue in itself. And that’s also for the fall for SEO. In a nutshell, what we’re doing we took in, there is an open source project that a lot of people are using right now. But there’s also a sub component that we’re putting on top of it, for instance, example for besides our special filter, for instance, something like Federation, as I said, there was a lot of glass there, how do you manage now a suite of glues everywhere? Now there’s communication and as you fill over between them, and so on. So um, so that’s some that so that’s one thing. And the other thing is that what we heard from our customers is that we had a lot of customer that came and said, Listen, we really, really like that, though, we are using Apogee, we are using Kong. And this is a legacy API gateway. And we really wanted to go with you, though, there is some stuff that you’re missing. And the main point that you may think is developer portal, right, and we are using it, this is the way we are using, you know, our developer onboarding. So we released them. And it’s not open source. But it’s been exactly like all our tool is built, being in the point that it’s, you know, it’s a, it’s all cod base, eventually consistent cloud native with the way you will want to write it. And we again, even there, we are constantly thinking about our customer, but we’re also thinking about ourselves. And I’m thinking all the time, like, Am I want to run this API gateway, Mike, right. This is the reason we started because I don’t want to run nginx in my, in my, in my infrastructure, I don’t want to run this monolithic crazy stuff. So what I did instead of with the developer portal, for instance, we are most work that we do. And it’s in reading it in either c++ for envoy or waiting it in go language. And the way our communication between the go component is basically g RPC. So we said, well, how is developer portal open? No, we’re not using the open API, we don’t use Word Swag is what are we going to do? So therefore we put in, we implemented those two there as well. So basically, we are the only one supporting g RPC. And we actually, we are the only UI for the RTC. And then and you know, there was a lot of people that you know, basically coming just because of it, and you will see again, what we going to announce soon I think it will be even more flexible. So

Chris Ward 12:35
you can’t tell me what you’re going to announce soon. This is not fair. We’re working on it very hard. Okay. And let’s, let’s, uh, let’s dig into the extensions part. Because I think that’s probably the one of the bits where you’ve been working on it the most. And we’re sorry, the the extension. So I guess the web assembly part? Yeah, where most interesting part. So like, what, what, what, let’s go back a step first. It’s like, what is that? What do you think that’s useful for? What do people use it for?

Idit Levine 13:08
So I mean, let’s go kind of like back to web assembly. What is in general web assembly is a technology that people write for, actually, there was a Mozilla project that the idea was, how can we run a extension in the browser, that will be faster, right, we want better performance, JavaScript is not going to cut it, can we do something else, there were, there were a few features that they need or use, or use cases that they needed to feel in order to be able to do something like that. A, which is one, for instance, run everywhere, because you have a browser everywhere. feature like it’s have to be secure, because you don’t want that this custom code is going to take over your browser, right down, and so on. So what we did is so so that’s that was very, very successful. But now if we’re going to talk about what we’re doing, so we are using envoy. And one of the beautiful thing about envoy is the fact that you can extend it and the way it’s built, it’s basically what’s called a a filter chain. So when the request is coming, it’s going to a chain filter that you can do is call them. So one of them is their external filter, and one of them will be rate limiting filter, and eventually be routed. But in the naturals it’s going there. And the beautiful about them is that you can put your own custom filter. And that’s what we think. So filter. That’s how we did it. We have a water filter, web application firewall, that’s how we did it transformation. Same thing. In order to do this, you need to write the code in c++ as sync, which means that you can’t really leverage a lot of those libraries that exists. So you need to rewrite everything which is really, really a lot of work. And then you need to recompile Android and recompile it. Yeah, you need to build do use visor, which is a complex tool. So we’re doing it this is what we’re doing. This is what we need to do for the last four years though. We felt that In some, some of our customers basically come to us and say to us, listen, we have this like security system or something. And we wanted to write down for the women, some you to write for us, different fields that are very, very specific for that customers. If it’s very specific to that customer, it shouldn’t go to our to our product. So now the question is owning those. And the idea was is can we come up with a way that customer will be able to own their own customer code will be able to extend this very, very amazing data plan, right, call invoice, and basically will be able to own it by themselves. So they will be able to write it and basically maintain it by themselves. And webassembly was kind of like a very interesting technology to do this. Because in the nutshells, as I said, it’s almost writing natively make almost native native code. So the performance is not going to be that bad. Just got, of course, it depends how much better we will put but in the nutshell is that performance is pretty good. And then it’s it’s secure, because it’s running in its own sandbox. So it’s, that’s fine. And it’s can run in and you can write it in every language that’s giving very powerful to to our customers. And it’s more important, dynamically loaded, which means that you don’t need to compile. And so we took this and we said, That’s very interesting. We work together with Google and basically brought it to envoy. So now we have envoy proxy, and you can run basically those custom custom filter and bring this machine. But when we saw that, we said, This is awesome. This is like a very, very unique technology. And to be fair, it was ringabel to a lot of very cool technologies that was in the past was a lie, like basically Linux container container was there a long time, but no one used it until Docker make it easy to use. So when we’re looking at this, we said, okay, so it’s all about user experience. We have a problem, like how is that people going to work with this to build the model on WhatsApp, it’s not simple to bring it to Android, it’s definitely not simple to configure. And it’s even harder. So how do you do this? And basically, what we did we build a Docker experience for, for extending envoy envoy proxy. So basically, it’s very simple, it’s a command line that you can do in it, then, you know, it’s basically build your project, then you’re putting the custom code that you need, then you’re doing what some call, you know, in that case is messy dl M. Eight build, then you build it, then you can push it to a registry that we build called webassembly. hub, or to your private one, basically, you can use it, then you can pull it, or you can just deploy it on your mesh on your glue or on your vanilla envoy. And that’s giving you a really, really strong, powerful all the basically the piping, everything that is messy and hard, we do cover ourselves. So now it’s just automated it easy. Everybody can use it. So that’s basically what we did it. We did it over a year ago. It’s really exciting because we already have customers running it in production, which is excited. And of course, web assembly support is just part of our product. So if you’re using blue edge

Chris Ward 18:05
building, and if I understand correctly, that in theory means that people could write their own extensions for envoy in whatever language they want. That is supported in webassembly. So yeah,

Idit Levine 18:15
exactly. Then tell us which which, which sidecar, they want to deploy it. And it’s happening. Now you can extend your metrics, you can extend your visibility, you can write your custom code, security, custom code, whatever you want, basically, wherever you want. It’s really, really powerful. But

Chris Ward 18:33
yeah, I can start to think how useful that could be, especially for integrating with legacy applications and all sorts of things. I mean, obviously, it has to be supported by web assembly. But

Idit Levine 18:43
yeah, but we can do this. Right. And I think that, as I said that dynamically loaded is I think, the big winner here. I think that will be I believe that going forward, that probably will be the way to extend everything in the cloud. Yeah. So pretty excited about that.

Chris Ward 19:00
So what were you announcing? What were you doing? What were you whatever running at cube con, what was what was the reason for solo to be there?

Idit Levine 19:13
So I mean, so just before a just before, solo con, a sorry, a coupon or solo con. I mean, that’s quite a lot of stuff there. So I can share about the stuff that we did there. But mainly in the naturals in every product, we’re not something. So for Glu edge, for instance, is supporting itself, which is really, really important and a lot of other expense for that a developer portal. We talked about g RPC

Chris Ward 19:39
through to keep saying soap, do you mean the old so

Idit Levine 19:45
you can actually think about it. I mean, a lot of archives and a lot of legacy, unfortunately, out there, right. And right now, it’s basically wasn’t supported by endpoints so you can run the new stuff. So that was a repeatable question. biddable For us, for our customers in developer portal with a G RPC, which was a big one. And, you know, a lot of other features that related to this end in glue match, we did a lot of features. So we changed totally the architecture to be more secure. And basically a more like the Kubernetes. Architecture, we add observability, multi cluster. So basically, no matter where you are, you are getting an opposite observability. And with the ability to even customize it with wasum, we get as I said, the wasum support, we are they, they, you know, what we call in virtual destination, which is the ability to group together destination and basically, a by default, it will go to the close one. So like, for instance, I have a billing system everywhere, right. But I have a fee and something that calling that calling another another a story, something, something that calling another in another, you know, another service, so we want to do it to the close mom, but if that’s not there, I want to go and kind of like, longer, longer, right, until I will find one that works. So kind of like a failover component. And more and more. I mean, there’s quite a lot of features that we work again, most of them closely with our customers. So we’re

Chris Ward 21:27
mostly customers is a much of a community behind the open source projects where it’s not necessarily customers, but people who are just working on it. Yeah, okay. Yeah,

Idit Levine 21:37
a lot. A lot. I mean, there is like, I think we were close to 4000 people in the slack community. And, ya know, there’s still a lot a lot of people actually using it in production right now, and probably a lot of them that, you know, like big, big organization. So, yeah, that’s pretty exciting. Actually. It’s very rewarding. Okay,

Chris Ward 21:59
cool. Um, I think there’s one other project we didn’t really mention, which I think I remember you mentioning before, which was squash, is that something that’s kind of more of a smaller thing you you have? Or is that something that’s part of the commercial offering as well?

Idit Levine 22:16
No. So to be honest, we stopped when I started the company until I raised money and was pretty bored. So I created squash at squash was squash is a really, really important project. I mean, I think that is really, really useful. The only thing is that to develop tools. We brought it to a very good point. But to be fair, we didn’t plan never to do it as a commercial, we mainly build it for ourselves. The idea was, you know, we have a lot of microservices environment, we need to it’s very easy to use it. I mean, we will do something with this. But again, in terms of priority, and what the customers think that wasn’t high. Yeah. But I mean, it is there is value, there’s people using it. So it’s exciting.

Chris Ward 22:57
So I get the impression you’re very customer driven. But aside from those costs the community besides those requests that we can’t completely predict yet, because who knows what they will be? What’s on the roadmap for the next six months that you can talk about, you keep telling me there are things coming. Yeah, but what what what can you mention?

Idit Levine 23:21
Yeah, no, I mean, nothing that I can. I mean, I mean, no, there is the regular stuff that we will continue to enhance our platform. And and so a lot of, you know, a lot a lot of every project that we have, there is a new thing that coming up, and I said, but I’m 40 I cannot talk about it. Yeah. And but yeah, no, I mean, just to be fair, to make it better and add more, you know, we want to make it damn simple to use service mesh, right. And in order to do this, we need to, yeah, working with our customer and huge scale, like crazy scale 1000s of customers. So making sure that I happen

Chris Ward 23:56
just for the the individual developer, which is kind of a large part of the audience of the show, who’s, you know, maybe they work for a large company, but just as interested in just experimenting and seeing what Seto can do for them in the first place. You have a lot of moving parts, like where do you think someone just thinks that sounds interesting? I want to I want to want to try this. Where should they start? Yeah. So

Idit Levine 24:21
I mean, when we see a lot of our customers starting with the edge, which is basically a gateway, if you need any Ingress API gateway, I will, I will argue, and I will gladly argue that that’s the best one that exists in the market. So go go use it and try it. And for free, it’s open source, so why not? There’s tons of community behind it. A lot of people working on this, I want to come and join the slack and get help. I will say that if service mesh is what you’re interested in again, blue, which is a really, really point. Good point to start with it. And yeah, one more thing that we actually did announce and I forgot to say that I think it’s relatively important is that you know, we weren’t With API gateway for a long time and envoy specifically, and we build a lot of stuff to envoy that is existing glue edge but does not exist in sto, one of the things that he basically announced is that we’re basically taking all that functionality and bring it to Sto. So basically, giving you the ability to have, you know, everything that we describe that is unique for us, basically, on the regular Ingress a Sto. So basically, I don’t know, first must last comment. Yeah. So that’s another thing that is going to work. So if you’re working with STL, which I’m assuming a lot of people are, you know, seemingly so. Yeah, to me, it will be really, really, I think, comfortable for you to do. Maybe I did, I did

Chris Ward 25:47
interview the linker D people a couple of weeks ago, they’re definitely not. But obviously, it’s a little hard to sort of wrap up question as a little hard with the online conferences, and I think next cube con will be back to normal. But from from the past cube con, or from the past few months, what kind of has really interested you that is not necessarily directly related to what Solo is doing that you’ve seen and thought this is really something to look out for?

Idit Levine 26:23
Yeah, that’s a good question. I mean, as I said, I think I’m trying to figure out if there was anything that was like laywomen. I think that that definitely is webassembly is something that close to me. I also ebpf is something that I’m pretty excited about. So those two, I think is the one that I’m curious about, in see what’s going on there.

Chris Ward 26:45
I don’t know, I don’t think that there was a huge ebpf is I actually did also have a couple of months ago from from psyllium. I surveillance and it’s just such one of these weird technologies because the underpinning has been around for ages. And now it’s sort of like this thing everyone’s talking about. Yeah. People are kind of like, hey, it’s been here for ages, you know,

Idit Levine 27:15
this container was there, too. I mean, it’s interesting to see what we can do. I’m okay. Curious about the use cases, right? Yeah. Because right now, it’s kind of like directly compete with service mesh. I don’t know that. Yeah, that would be interesting to see what we can do with it.

Chris Ward 27:30
Cool. So just to wrap that up, it’s solo.io. I mean, I mentioned it a few times. It’s actually the the name of the company, I suppose. So yeah. It’s also the website. But yeah, thanks again for joining me. And it was great to see you. There was Thanks and have a good day. Take care.