Istio Ambient Mesh

A revolutionary sidecar-less service mesh architecture that provides security, observability, and traffic management without the complexity of traditional sidecars.

Key Features

Zero-Trust Security
Implement mTLS and security policies without sidecars using the ambient data plane.
Simplified Operations
Reduce operational complexity with shared infrastructure and simplified deployment.
Rich Observability
Get comprehensive metrics, traces, and logs without per-pod overhead.
Incremental Adoption
Gradually adopt mesh features with fine-grained control over your applications.

Quick Start

Get ambient mesh running in your cluster in just a few commands.

# Install Istio with ambient profile
istioctl install --set values.pilot.env.EXTERNAL_ISTIOD=false \
  --set values.istiodRemote.enabled=false \
  --set values.pilot.env.ENABLE_WORKLOAD_ENTRY_AUTOREGISTRATION=true \
  --set values.ztunnel.enabled=true

# Enable ambient mode for a namespace
kubectl label namespace default istio.io/dataplane-mode=ambient

# Deploy your application
kubectl apply -f your-app.yaml

Documentation

Overview
Learn about ambient mesh architecture and core concepts
Getting Started
Step-by-step guide to deploy your first ambient mesh
Usage
Configure traffic management, security, and observability
Upgrade
Upgrade your ambient mesh installation safely
Troubleshooting
Common issues and solutions for ambient mesh
Reference
API reference and configuration options
Built with v0