Istio versus Traefik/Linkerd: Choosing the right technology

Sunday, December 6, 2020

« Back to overview

The CNCF landscape lists plenty of proxies under the service proxy, API gateway and service mesh categories. Though our time is limited and the abundance of choice can feel overwhelming. Articles on the internet can be insightful but they are often biased, outdated and still leave you with an incomplete picture. That leads us to the simple question: How do you choose the right technology?

Let's approach this question from a different angle: Given that we swapped from Traefik and Linkerd to Istio, did we choose the wrong technology? I feel comfortable saying that we decided right. Traefik is simple and could be deployed with a straightforward Kubernetes deployment manifest. We all knew how to do this and it allowed our microservices to serve traffic as soon as possible.

Once deployed, it gave us time to delve deeper into service meshes: What problem do they solve and can we leverage them into a technical or business advantage? It's important to have clear reasons to commit to the burden of maintaining a service mesh as that effort could be spent elsewhere. In case you have your reason, you still need to figure out how they work. Walking this journey can't be cheated and Linkerd provides a drop-in solution to get started.

Figure 1: Traefik dashboard. A neat overview with a focus on simplicity.
Figure 1: Traefik dashboard. A neat overview with a focus on simplicity.

As time passed, so did our experience with Kubernetes. Deploying Istio through an operator suddenly didn't feel so daunting anymore. On the other hand, as our number of microservices grew so did our needs.

We liked the simplicity of operating both ingress controller and service mesh through a single operator. It also comes with excellent day two functionality. For instance, you can upgrade seamlessly by deploying multiple control planes and gradually migrate pods between them.

Istio had some more advanced use-cases in terms of traffic management and observability that our platform could benefit from. It also uses Envoy under the hood which has debugging tools and an extensible architecture with a rich ecosystem. We decided to take the leap after discussing the pros and cons with the team, the migration went smooth and the rest is history.

Figure 2: Istio dashboard. A neat overview with a focus on flexibility.
Figure 2: Istio dashboard. A neat overview with a focus on flexibility.

Ofcourse, this story does not help you to make the right choice. But maybe there is no right choice when operating under uncertainty. Instead we suggest to start small and let your platform evolve over time.

There is more benefit in highlighting the idea of emerging platforms as these principles help you guide both your current and future problems. Putting the principle in practise is easy:

  1. Timebox a hands-on investigation with those closest to the problem.
  2. Choose the best fit with your current knowledge.
  3. Minimize the impact of risk and deal with problems as they come.
  4. Build confidence in change through monitoring.
  5. Avoid the bureaucratic dance through lightweight change processes.

Once you accept that few choices in life are one-way doors a whole new world opens. Accept where you are in your journey of cloud adoptation and step by step take yourself to the next level. Best of luck!

Sign up for the newsletter and I'll email you a fresh batch of insights once every while.

✉️