Skip to main content
logoTetrate Service BridgeVersion: next

Hosted and On-Premise Deployments

Tetrate Service Bridge (TSB) consists of three primary components:

  • The TSB Management Plane is either hosted by Tetrate on your behalf, or can be installed on-premise. The Management Plane provides UI, CLI and API access to manage your mesh configuration and visualize traffic and events

  • The TSB Control Plane is installed onto each kubernetes cluster that you wish to manage with the TSB Management Plane. These clusters are provided and managed by you. The Control Plane shares state to the central Management Plane, and it configures the mesh and gateways on the local cluster

  • The TSB Data Plane consists of Tetrate-managed gateways that are installed on your Kubernetes clusters. Gateways can function as one of:

    • Edge / Tier1 Gateway - An Edge Gateway is used to publish your services to external clients.
    • App / Tier2 / Ingress Gateway - The App Gateways are installed on each of your workload clusters and are used to expose services from that cluster.
    • Egress Gateways - The Egress Gateways are used to control traffic that leaves your cluster to external (non-mesh) services.
    • East-West Gateways - East-West gateways are used to manage traffic within the mesh, between clusters.
    • Transit Gateway - where necessary, Transit Gateways bridge disconnected networks so that clusters can reach gateways on remote clusters

These components are used to reliably deliver applications and services to internal and external clients.

Comparing On-Premise and Hosted Deployments

Deployment ModelTetrate Management PlaneUser's Workload Clusters
Hosted Management PlaneHosted and managed by Tetrate in Tetrate's cloud environmentHosted and managed by the user in their cloud or on-prem environments
On-Premise Management PlaneHosted and managed by the user in a K8s clusterHosted and managed by the user in their cloud or on-prem environments

The primary difference between on-prem and hosted is that with hosted, Tetrate hosts the TSB Management Plane for you in a secured, compliant cloud platform. This reduces the complexity of owning and operating the TSB solution:

  • Hosted Tetrate Management Plane and associated configuration and metrics databases are deployed in per-user, dedicated kubernetes clusters.
  • Software updates and security fixes are applied by the Tetrate team, and any necessary maintenance windows are coordinated with the user.
  • Tetrate manages scaling and availability incidents with our experienced SRE team.

Whereas a on-premise installation offers a range of flexibility and integrations which you can customize extensively, the hosted Management Plane embodies Tetrate's best practices and provides a well-defined, 'golden path' set of options that meets most deployment needs.

Hosted Management Plane architecture

Hosted Management Plane architecture

The Tetrate team does not have visibility of your configuration or metrics, and does not have administrative access to your TSB management plane. This can be enabled on a case-by-case basis when needed, coordinating with your own technical team, and may be used for debugging and support purposes.

Self-hosted (on-prem) Management Plane

Alternatively, you can deploy the TSB Management Plane yourself, on your own infrastructure. This approach is suitable for users who have specific governance or security policies that would prevent them from using such a sensitive system on external infrastructure.

Installation and Operation

Installation

Operation

If you use the Tetrate-hosted Management Plane, you will be provided with the details of the Management Plane and the login credentials. If you do not have these, please contact your Account Representative or Tetrate Support.

The operation of the Tetrate Service Bridge solution is identical, whether you use the Hosted or On-Prem instance. Please refer to Tetrate Support if you need assistance identifying the management plane components (such as API endpoints and credentials).