-
nginx-service-mesh
Discontinued A service mesh powered by NGINX Plus to manage container traffic in Kubernetes environments.
-
egress-operator
A Kubernetes operator to produce egress gateway Envoy pods and control access to them with network policies
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
https://docs.nginx.com/nginx-service-mesh https://github.com/nginxinc/nginx-service-mesh
Linkerd. I implemented Istio for the same reason at my first Kubernetes job. Comes with all the bells and whistles out of the box, but it’s all tightly coupled, as OP said doesn’t upgrade well. I’ve since realised “one tool for one job” is better. Linkerd for mesh and something else for ingress and egress. There are lots of options, I’m looking at implementing Monzo’s egress operator next time I need to control egress https://github.com/monzo/egress-operator.
Hi! I wrote a thing called KubeTLS that automatically provisions MTLS certificates per-pod. It is not necessarily simpler than KubeTLS, because you need a lot of the same components, but if you're not looking for the whole set of baggage that comes with an integrated and opinionated (and in my view, often wrong) solution, I'd be happy to help you give it a try.