Istio

wikipedia:Istio (2017-2018) Service mesh provides a way to control how microservices share data with one another. Istio includes APIs that let it integrate into any logging platform, telemetry or policy system.

Istio runs in different environments: on-premise, cloud-hosted, in Kubernetes or in virtual machines,

Features

• Traffic management: Request routing, Fault Injection, Traffic Shifting, TCP traffic shifting, request timeouts, Circuit Breaking, Mirroring, Ingress, Egress
• Security
• Observability

History

Istio was started by teams from Google and IBM in partnership with the Envoy team from Lyft. And it’s been developed fully in the open on GitHub.

Architecture

Istio’s architecture is divided into the data plane and the control plane. In the data plane, Istio support is added to a service by deploying a sidecar proxy within your environment. This sidecar proxy sits alongside a microservice and routes requests to and from other proxies. Together, these proxies form a mesh network that intercepts network communication between microservices. The control plane manages and configures proxies to route traffic. The control plane also configures components to enforce policies and collect telemetry.^[1] Istio uses an extended version of the Envoy proxy. Envoy is proxy developed in C++^[2]

News

• December 2018, Istio launches as beta on GKE^[3]

Versions

https://istio.io/latest/news/releases/

• 1.5 (5 March 2020) https://istio.io/news/releases/1.5.x/announcing-1.5/
  • 1.5.1
  • 1.5.2
  • 1.5.3
  • 1.5.4
• 1.4 (14 November 2019) https://istio.io/news/releases/1.4.x/announcing-1.4/

• 1.0 (31 July 2018) https://istio.io/news/releases/1.0.x/announcing-1.0/
  • JWT Authentication

• 0.1 (24 May 2017)

Activities

• Read Istio vs. Linkerd vs. Consul Connect https://jpetazzo.github.io/2019/05/17/containers-microservices-service-meshes/
• Install Istio https://istio.io/docs/setup/getting-started/#download
• Read Istio related questions on Stackoverflow: https://stackoverflow.com/questions/tagged/istio?tab=Votes

Related terms

• Knative and Cloud Run (GCP)
• Red Hat OpenShift Service Mesh
• istioctl
• Envoy proxy
• Traefik
• Istio resources: Gateway, Sidecar
• Kiali Service mesh observability and configuration
• Amazon EKS Workshop

See also

• Istio, istiod, Istio Proxy, Linkerd and Consul Connect, Install Istio, istioctl, Istio versions, istioctl --help, istio.io, Istio service entry, pilot-agent
• Kubernetes networking: network policies, Network Policy Providers, CNI, Calico, flannel, Service mesh, Istio, kube-proxy, coredns, AWS VPC CNI: vpc-cni, Kubernetes: Ingress controllers, IPVS, ServiceTypes: LoadBalancer, ClusterIP, NodePort, ExternalName, Endpoints, EndpointSlices, Kubernetes DNS, svc.cluster.local, Weave Net
• Kubernetes: distributions, tools, CKA, CKS, Kubernetes interfaces: CSI, CNI, installation, workloads, networking, kubeadm, Kubernetes API, Kubernetes API Server, kubectl, kubeadm, kubelet, kube-proxy, Cloud services: EKS, GKE, TKE, DKS, Helm, Kubernetes RBAC, Kubernetes deployments, Minikube, Rancher, OpenShift, Charmed Kubernetes, Ingress, Kubernetes scheduler, Kubernetes Finalizers, logging, Kubernetes operator, Orka, kind:, Kubernetes namespaces, Kubernetes dashboard, Kubernetes Metrics Server, Field Selectors, CoreDNS, CRI, Kubernetes Topology Manager, Kubernetes governance: (SIG, KEP), Kustomize, controllers, ReadinessProbe, LivenessProbe, KOPS, K9s, Kui, k3s, ImagePullBackOff, PDB, EndPoints, Kots, metadata, Karpenter, Replicated.com, Kubernetes Authenticating, Kubernetes timeline, Changelog/Versions, service accounts, Kubernetes Pod Lifecycle, Kubernetes Conformance Certified, Kubernetes backup, Kubernetes Pod Security Admission, tEKS, Kubernetes events, Kubernetes ports, Kubernetes policies, Connect, addons, DoKC, Kubernetes control plane, Kubernetes Federation, Kubernetes info, Kubetest2, Sidecar (Kubernetes)
• Service mesh: Istio, Linkerd, Consul, containerpilot, AWS App Mesh, Kiali, INNOQ, Kuma, Kong Mesh