## Description Istio-operator [has been officially deprecated](https://istio.io/latest/blog/2024/in-cluster-operator-deprecation-announcement) with v1.23 and it will not be supported for upgrades to 1.24 and later. However, 1.23 is a LTS (Long Term Service) release and will be supported until May 2025. Therefore, we must migrate to the new helm deploy structure which includes 5 potential charts (base, cni, istiod, ztunnel and gateway). For a sidecar-based deploy, this would include base, istiod and one or more instances of the gateway chart, while ambient mode would require all 5. ## Requirements/Scope - [x] Deployment of istio in its current sidecar model via `base`, `istiod` and `gateway` charts using the packages section of big bang. ## Epic Team Members - @kipten (lead) - @jimmy.bourque (lead) - All other Service Mesh Mission Team members ## Dependencies None ## Risks Migration from current operator-based deploy to new structure. ## Acceptance Criteria See Requirements ## Out of Scope - Other tasks that are not a part of the initial integration will be done as a part of https://repo1.dso.mil/groups/big-bang/-/epics/393 - Enablement of ambient mode and associated helm charts (cni, ztunnel). This will be done as part of https://repo1.dso.mil/groups/big-bang/-/epics/348 ## Related Issues and/or Epics A list of related issues, such as stories or tasks, that will contribute to the completion of the Epic. ## How this epic maps to P1 Vision or roadmap for Big Bang This epic directly maps to our long term goal of providing the Istio Service Mesh capability to Big Bang users for in cluster network traffic encryption. While istio is already included in big bang using the operator deployment pattern, operator is deprecated and support will be removed in the future. ## How does this proposed work benefit the enterprise using Big Bang and/or end user SRE? The enterprise using Big Bang can continue to use Istio Service Mesh without fear that their deployment pattern is no longer supported by the upstream project. ## How does this benefit the internal Big Bang team This epic does not really benefit the internal Big Bang team. It is more geared towards supporting our mission of keeping up with the latest tech in Kubernetes cluster security.