HPE's Adoption of Layer5 Meshery and Kanvas
HPE uses Meshery to manage SPIRE instances
HPE, a leading technology company specializing in enterprise infrastructure, adopted Meshery Extension to enhance their Kubernetes deployments. HPE uses Kubernetes as a primary platform to build and deploy their containerized applications. The company has a large and complex Kubernetes environment, which requires robust networking solutions for efficient communication between services.
HPE FAST FACTS | |
 Full Time Employees: 60,000+ |  Market Presence: HPE is one of the largest technology companies globally, serving customers in over 150 countries. |
 HPE GreenLake: HPE GreenLake is a key offering by the company, providing a flexible and scalable IT infrastructure model known as "everything-as-a-service." |  Research and Development: HPE invests significantly in research and development to drive innovation. It operates HPE Labs, which focuses on developing cutting-edge technologies and solutions for the future. |
SPIRE is a toolchain of APIs for establishing trust between software systems across a wide variety of hosting platforms. SPIRE exposes the SPIFFE Workload API, which can attest running software systems and issue SPIFFE IDs and SVIDs to them.
✔️ Consistent service mesh management: HPE can now manage all their service meshes consistently, regardless of the underlying infrastructure or cloud provider.
✔️ Improved observability: With Meshery's built-in visualization and observability tools, HPE can gain insights into the behavior of their service meshes, detect anomalies, and troubleshoot issues in real-time.
✔️ Simplified testing and validation: Meshery's service mesh validation capabilities enable HPE to easily test and validate their service meshes, ensuring that they meet their performance, security, and compliance requirements.
✔️ Enhanced security: With Meshery's security features, HPE can ensure that their service meshes are secure and compliant with their organization's security policies.
Overall, Meshery has helped HPE to streamline their integration of the identity management control plane to reduce complexity, and improve the overall reliability and performance of their Kubernetes environment. SPIFFE is a set of open-source specifications for a framework capable of bootstrapping and issuing identity to services across heterogeneous environments and organizational boundaries. The lifecycle of SPIFFE identities, SVIDs, is managed by SPIRE, a production-ready implementation of the SPIFFE APIs that performs node and workload attestation in order to securely issue SVIDs to workloads, and verify the SVIDs of other workloads, based on a predefined set of conditions.
HPE's adoption of Meshery has also been enhanced by the platform's ability to integrate with other popular technologies, such as SPIRE and Istio
SPIRE is an open-source project that provides a secure and scalable solution for service identity and authentication in distributed systems. HPE uses SPIRE to authenticate and authorize services in their Kubernetes environment, which ensures that only authorized services can communicate with each other.
Meshery's integration with SPIRE enables HPE to manage SPIRE instances, issue and revoke service certificates, and automate the management of SPIRE agents across their Kubernetes clusters. This integration ensures that HPE's service meshes are secure, and only authorized services can communicate with each other.
❝ With a goal to bring workload identity and attestation to all service meshes, HPE Security Engineering uses the Meshery's Extension to deploy their cloud native infrastructure of choice and test the performance of our SPIFFE and SPIRE-based identity solution. ❞
Maximiliano Churichi
Software Engineer at HPE
In addition, HPE's use of Meshery has been enhanced by its integration with Istio, an open-source service mesh that provides a comprehensive solution for traffic management, security, and observability in Kubernetes environments.
Meshery's integration with Istio enables HPE to manage Istio service meshes and configurations, automate the deployment of Istio components, and monitor and visualize Istio metrics and traces. This integration enables HPE to simplify the management of their Istio service meshes, ensure their security and compliance, and gain insights into their behavior for better decision-making.
Overall, HPE's adoption of Meshery, along with its integration with SPIRE and Istio, has enabled the company to streamline their service mesh management, ensure the security and compliance of their Kubernetes environment, and gain valuable insights into the behavior of their service meshes for improved performance and reliability.
Meshery also implements the Service Mesh Performance (SMP) specification
SMP is a community-driven effort that provides a standard for measuring and comparing the performance of different service meshes. It is designed to help users select the best service mesh for their needs by providing a common framework for benchmarking.
❝ The Layer5 team has been amazing. Our project wouldn’t have been successful with out Meshery. ❞
Yogi Porla
Engineering Manager, HPE
Meshery implements SMP by providing a simple and easy-to-use interface for running performance tests against different service meshes. Users can select the service mesh they want to test, configure the test parameters (such as the number of requests per second and the number of concurrent clients), and run the test. Meshery will then generate a report that shows the performance metrics for each service mesh, such as latency, throughput, and error rates.
By implementing SMP, Meshery provides a valuable tool for developers and operators who are evaluating different service meshes. Instead of having to create their own benchmarks, they can use SMP to get an objective and standardized view of each service mesh's performance characteristics. This can save a significant amount of time and effort, and help users make more informed decisions when choosing a service mesh.
Overall, HPE's use of Meshery and the Docker Extension for Meshery demonstrates the power of cloud native technologies and the importance of open source collaboration. By leveraging these tools, HPE has been able to streamline its development and deployment processes, improve performance and security, and stay at the forefront of the cloud native movement.
