Service mesh with Istio and Kubernetes

Istio is a service mesh for distributed application architectures, especially the ones that you run on the cloud with Kubernetes.

Istio is the coolest kid on the DevOps block and the tool that we need in our toolbox to address most of the communication issues for distributed applications.

Istio provides the following functionality in a distributed application architecture:

  • Service discovery — Traditionally provided by platforms like Netflix Eureka or Consul.

  • Automatic load balancing — You might have used Netflix Zuul for this.

  • Routing, circuit breaking, retries, fail-overs, fault injection — Think of Netflix Ribbon, Hytrix and so on.

  • Policy enforcement for access control, rate limiting, A/B testing, traffic splits, and quotas — Again you might have used Zuul to do some of these.

  • Metrics, logs, and traces — Think of ELK

  • Secure service-to-service communication — Replacing the manual TLS configuration

  • Authentication and Authorization — good by Spring Security

I am maintaining an open-source project that provides solutions for common communication challenges. The idea of this project is to provide you with bootstrap for your next distributed system architecture. This project will definitely help you to get an understanding of how to solve distributed application challenges using Istio and save you a lot of time in setting up your next service mesh.

I have prepared an application example to simulate different issues where we could solve all issues step by step in an educative way.

We will see how to secure the communication within the cluster, open the circuit breaker to not send the request to a failed service, monitor external calls, see load balancing in action, add fault injection, manage traffic to a different version of the app, secure access to use the JWT token, write custom logs, and, finally how to monitor your application using Kibana, Kiali, and Jagger.

This course will provide an overview of what is possible to achieve with Istio and how to achieve those but will not go into details of each operation. To a deep explanation of each functionality check this excellent course Istio hands-on for Kubernetes

Leave a Reply