Operate Multi-Tenancy Service Mesh with ArgoCD in Production

The presentation discusses the use of Istio service mesh for multi-tenancy and how it can be configured for single or multiple control planes.

• Istio service mesh is important for resource-saving and identity isolation in multi-tenancy models
• Recent enhancements make it easy to configure using the revisions feature and discovery selectors
• Multiple control planes allow for separate versions and lifecycle management for different applications
• Mixed multi-tenancy models are possible depending on the organization's requirements
• Argo CD can be used for deploying and syncing resources in the cluster

The presenter demonstrates the deployment of an application using Argo CD and shows how authorization policies can be used to secure communication between different workloads in different namespaces.

Service meshes offer a breadth of benefits from securing to adding reliability to gaining visibility into your applications. However, as you start to scale your environment and start onboarding different teams or applications into the mesh you run into challenges of tenant isolation in terms of configuration management, resource consumption and security. What is the difference between soft multi-tenancy and hard multi-tenancy? Which one fits best for you? In this session, Faseela and Lin who both are maintainers of Istio will present how to achieve soft multi-tenancy and hard multi-tenancy with Istio service mesh and roll it out to your teams or applications with ArgoCD in production along with live demos.