Need advice about which tool to choose?Ask the StackShare community!

AWS App Mesh

+ 1

+ 1
Add tool

AWS App Mesh vs Istio: What are the differences?


In this article, we will discuss the key differences between AWS App Mesh and Istio, two popular service mesh solutions for managing and securing microservices architectures.

  1. Service Provider: AWS App Mesh is a fully managed service provided by Amazon Web Services (AWS) that allows users to easily monitor and control their microservices-based applications. On the other hand, Istio is an open-source service mesh platform developed in collaboration between Google, IBM, and Lyft.

  2. Platform Compatibility: While AWS App Mesh is specifically designed to work with services hosted on AWS, Istio is platform-agnostic and can be used with any Kubernetes cluster, regardless of the underlying infrastructure.

  3. Integration with AWS Services: AWS App Mesh seamlessly integrates with other AWS services, such as Amazon Elastic Container Service (ECS), Amazon Elastic Kubernetes Service (EKS), and AWS Fargate. It provides native integration with AWS Cloud Map for service discovery. In contrast, Istio does not have built-in integrations with AWS services and requires additional configuration to work with AWS-specific resources.

  4. Fine-Grained Control: AWS App Mesh offers fine-grained control over traffic routing and observability through its rich set of features, including weighted routing, circuit braking, retries, timeouts, and distributed tracing. Istio provides similar capabilities, but it also allows users to define more complex traffic management policies using its powerful routing and traffic shifting capabilities.

  5. Ease of Use: AWS App Mesh is a fully managed service, which means users do not have to worry about the operational aspects of running a service mesh. It provides an easy-to-use console for configuration and monitoring. Istio, on the other hand, requires manual installation and configuration, making it more suitable for advanced users who require greater flexibility and control.

  6. Community Support: As an open-source project, Istio benefits from a large and active community of contributors and users. This community-driven development model ensures a rapid pace of innovation, frequent updates, and a wealth of resources and support. AWS App Mesh, while not open-source, has the backing of AWS, a major player in the cloud computing industry, which guarantees support, updates, and integration with other AWS services.

In summary, AWS App Mesh and Istio have different strengths and target different use cases. AWS App Mesh is a fully managed service with seamless integration with AWS services, making it easier to use for users already on the AWS platform. Istio, being open-source and platform-agnostic, offers more flexibility and control but requires manual installation and configuration. The choice between the two depends on the specific requirements and preferences of the user or organization.

Advice on AWS App Mesh and Istio
Mohammed Shurrab
Needs advice
AWS App MeshAWS App Mesh

One of our applications is currently migrating to AWS, and we need to make a decision between using AWS API Gateway with AWS App Mesh, or Kong API Gateway with Kuma.

Some people advise us to benefit from AWS managed services, while others raise the vendor lock issue. So, I need your advice on that, and if there is any other important factor rather than vendor locking that I must take into consideration.

See more
Replies (2)

The benefit of using Kuma + Kong Gateway are:

  • Feature-set: Kong + Kuma provide an end-to-end solution for both APIM and Service Mesh with a feature-set, and a performance, that is not matched by AWS services. In addition to this you can extend Kong Gateway with 70+ plugins out of the box and choose between 500+ plugins from the community to cover every use-case. In comparison, the feature-set of AWS API Gateway is quite limited and basic.
  • Performance: Especially in the case of Kong Gateway, performance has always been a top priority for the project (more performance deliver more reliable applications). In some benchmarks the latency added by AWS API Gateway can be 200x more than what you would achieve with Kong Gateway natively which has been hand-crafted for maximum throughput.
  • Cost: While cloud vendors like AWS make it very easy to get up and running with their services at a lower initial cost, that cost ramps up very quickly (exponentially) as the number of requests are increasing. With Kong GW you don't have this problem, since you can run tens of thousands of concurrent requests on a small EC2 instance (or Kubernetes Ingress, via the native K8s ingress controller for Kong Gateway).
  • Portability: You can replicate your infrastructure on any other cloud, or on your development machines with ease. Want to run your gateway + mesh on your local Kubernetes cluster? You can do that. Want to run your infrastructure on another cloud provider? You can do that. Strategically you have full ownership of your infrastructure and its future. When it comes to Kuma, you can also run a Mesh on VM-based workloads in addition to Kubernetes (Kuma is universal).
  • And much more.

Disclaimer: I am the CTO of Kong.

See more
Amarnath RC
Program Architect at Mindtree · | 2 upvotes · 35.3K views
AWS App MeshAWS App Mesh

AWS App Mesh is useful when your micro services are deployed across Ec2 , EKS or ECS. Assume you are in process of migrating microservices from ec2 instances to ecs, its easy to switch using Virtual router configuration. As App Mesh is managed service and easy to bring up ,its worth giving it a try for your use case before choosing Kuma or any other tool.

See more
Decisions about AWS App Mesh and Istio
Prateek Mittal
Fullstack Engineer| Ruby | React JS | gRPC at Ex Bookmyshow | Furlenco | Shopmatic · | 4 upvotes · 294.3K views

Istio based on powerful Envoy whereas Kong based on Nginx. Istio is K8S native as well it's actively developed when k8s was successfully accepted with production-ready apps whereas Kong slowly migrated to start leveraging K8s. Istio has an inbuilt turn-keyIstio based on powerful Envoy whereas Kong based on Nginx. Istio is K8S native as well it's actively developed when k8s was successfully accepted with production-ready apps whereas Kong slowly migrated to start leveraging K8s. Istio has an inbuilt turn key solution with Rancher whereas Kong completely lacks here. Traffic distribution in Istio can be done via canary, a/b, shadowing, HTTP headers, ACL, whitelist whereas in Kong it's limited to canary, ACL, blue-green, proxy caching. Istio has amazing community support which is visible via Github stars or releases when comparing both.

See more
Get Advice from developers at your company using StackShare Enterprise. Sign up for StackShare Enterprise.
Learn More
Pros of AWS App Mesh
Pros of Istio
    Be the first to leave a pro
    • 14
      Zero code for logging and monitoring
    • 9
      Service Mesh
    • 8
      Great flexibility
    • 5
    • 5
      Powerful authorization mechanisms
    • 5
      Ingress controller
    • 4
      Easy integration with Kubernetes and Docker
    • 4
      Full Security

    Sign up to add or upvote prosMake informed product decisions

    Cons of AWS App Mesh
    Cons of Istio
      Be the first to leave a con
      • 16

      Sign up to add or upvote consMake informed product decisions

      - No public GitHub repository available -

      What is AWS App Mesh?

      AWS App Mesh is a service mesh based on the Envoy proxy that makes it easy to monitor and control containerized microservices. App Mesh standardizes how your microservices communicate, giving you end-to-end visibility and helping to ensure high-availability for your applications. App Mesh gives you consistent visibility and network traffic controls for every microservice in an application. You can use App Mesh with Amazon ECS (using the Amazon EC2 launch type), Amazon EKS, and Kubernetes on AWS.

      What is Istio?

      Istio is an open platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Istio's control plane provides an abstraction layer over the underlying cluster management platform, such as Kubernetes, Mesos, etc.

      Need advice about which tool to choose?Ask the StackShare community!

      What companies use AWS App Mesh?
      What companies use Istio?
      See which teams inside your own company are using AWS App Mesh or Istio.
      Sign up for StackShare EnterpriseLearn More

      Sign up to get full access to all the companiesMake informed product decisions

      What tools integrate with AWS App Mesh?
      What tools integrate with Istio?

      Sign up to get full access to all the tool integrationsMake informed product decisions

      What are some alternatives to AWS App Mesh and Istio?
      Consul is a tool for service discovery and configuration. Consul is distributed, highly available, and extremely scalable.
      Originally built at Lyft, Envoy is a high performance C++ distributed proxy designed for single services and applications, as well as a communication bus and “universal data plane” designed for large microservice “service mesh” architectures.
      Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions.
      linkerd is an out-of-process network stack for microservices. It functions as a transparent RPC proxy, handling everything needed to make inter-service RPC safe and sane--including load-balancing, service discovery, instrumentation, and routing.
      JavaScript is most known as the scripting language for Web pages, but used in many non-browser environments as well such as node.js or Apache CouchDB. It is a prototype-based, multi-paradigm scripting language that is dynamic,and supports object-oriented, imperative, and functional programming styles.
      See all alternatives