We’re looking into a multi-tenant kubernetes cluster solution for developers, where each developer has their own private namespace that should be independent of every other developer/namespace in the cluster.
Would there be any problems with each developer installing/configuring Istio separately into their own namespace? Would this “just work” as expected == providing a private, independent service mesh per namespace?
multi-tenant kubernetes cluster solution for developers, where each developer has their own private namespace that should be independent of every other developer/namespace in the cluster.
FWIW: this is exactly what Maistra supports… it adds some easy to use multi-tenancy capabilities and integrates everything (Jaeger, Kiali, etc) for multi-tenancy support allowing devs to “own” their own namespaces without requiring them to have admin capabilities in the control plane or access to other devs’ namespaces. If you aren’t on OpenShift, I’m not sure how easy it is to get Maistra to work (not sure what support there is for other k8s env) - but if you are on OpenShift, Maistra’s Istio implementation is perfect for what you want.