What is Istio Service Mesh?
A service Mesh is a one-stop solution for all the problems caused by microservices. The problems include Traffic Management, security, Telemetry, etc. Before the advent of the service mesh , the development teams had to embed a self-written logic into the application. If the existing applications are already deployed into production a lot of code changes had to be made to implement the logic mentioned above. Istio is an open-source independent service mesh that provides the fundamentals you need to successfully run a distributed microservice architecture. Istio reduces the complexity of managing microservice deployments by providing a uniform way to secure, connect, and monitor microservices. Istio makes it easy to create a network of deployed services with load balancing, service-to-service authentication, monitoring, and more, with few or no code changes in service code. In this series of articles, we would be learning how to implement the istio service mesh in our Kubernetes cluster with real-time scenarios.
The Istio Service Mesh is divided into two components called data plane and control plane. All the Envoy Proxies come under the data plane. All the communication between microservices in your Kubernetes cluster happens through these proxies. The traffic between these Envoy Proxies is known as data plane traffic. The control plane components configure how the traffic is routed by the envoy proxies. In the earlier versions, the control plane components are deployed as Individual pods, with reference to Istio version 1.6 all these components are deployed as a single pod called istiod.
Some of the tasks performed by istiod
- It is responsible for converting the istio based YAML files into the configuration understandable by envoy proxies
- It is responsible for propagating these configurations to the envoy proxies at run time
- It is also responsible for managing and generating TLS certificates to allow Mutual TLS connections between envoy proxies in the data plane.
Some Important Features of Istio Service Mesh
- Traffic Routing Features
a) Request Routing
b) Fault Injection
c) Traffic Shifting
e) Traffic Mirroring
a) Certificate Management
b) Authorization and Authentication
3) Observability and Visualization of your Service Mesh
a) Kiali Dashboard
As we have now understood about Istio and its features let’s Install Istio in our Kubernetes Cluster and try out some real-time scenarios.
How to Install Istio using istioctl
- Weighted routing in Kubernetes using Istio
- Mirroring of Live Traffic in Kubernetes using Istio Traffic Mirroring
Introduction to Istio Service Mesh was originally published in TechManyu on Medium, where people are continuing the conversation by highlighting and responding to this story.