Introducing TSE
TSE (Tetrate Service Express) is the service connectivity solution for Amazon EKS workloads. It provides a consistent, easy-to-automate way for enterprises to connect, secure and observe their services, within and across clusters, zones and AWS regions.
With TSE, you can:
- Define fine-grained access control, implementing zero trust as standard
- Publish services for external access, with full control over security and traffic management
- Audit changes to services and resources from start to finish
- Reliably author configuration changes, with one 'push' across all managed clusters
- Give each cluster its own Istio control plane and gateway, to prevent an issue in one cluster negatively impacting another
- Observe metrics, events, logs and traces to monitor performance and troubleshoot issues in near-real-time
Built on Istio, Operating at Scale
Tetrate Service Express (TSE) addresses the complexity and challenges of operating multiple Istio service meshes. It manages and controls the mesh configuration to present a consistent, scalable application networking platform for workloads on Amazon EKS and beyond.
Designed for at-scale and highly-dynamic operations, TSE wraps the benefits of Istio service mesh in an easy-to-use and highly-integrated platform. It enables application teams to work faster and more efficiently, within well-defined guardrails and services defined by the platform operator.
- Use TSE to define your infrastructure, using Edge and Ingress gateways to define the entry points for your services, and to control and secure traffic
- Use TSE to enforce a secure platform, with a deny-all-by-default zero-trust posture and mTLS enforced between all services
- Use TSE to create a highly-available platform, for all application services, both externally published and for internal use only
- Use TSE to deliver APIs from your applications, with authentication, rate limiting, HA and security built-in
- Use TSE to define the Application Developer user experience, with guardrails and a curated experience
- Use TSE to create a GitOps-driven publishing experience, pushing applications from a git-based source of truth