Posts under Istio
The Istio service mesh continues its quarterly release cadence with version 1.6. After major changes in release 1.5 to the control plane architecture, notably moving from a set of microservices to a monolithic Istiod service, and the introduction of a new, unified model for extending Istio and its Envoy proxies using WebAssembly, Istio 1.6 may seem tame in comparison, but it still offers a large number of smaller enhancements with a focus on operability.
Istio has become one of the most popular service meshes for securing and controlling network traffic in Kubernetes clusters. The releases of the past year have focused in large part on improving the performance of Istio and simplifying its installation, configuration, and management. Istio version 1.5, released on March 5, continues this trend towards operational maturity. This new release combines some major architectural and API changes with increased automation and tooling.
This post is a companion to the talk I gave at Cloud Native Rejekts NA ’19 in San Diego on how to work around common issues when deploying applications with the Istio service mesh in a Kubernetes cluster. The Istio Service Mesh The rise of microservices, powered by Kubernetes, brings new challenges. One of the biggest changes with distributed applications is the need to understand and control the network traffic these microservices generate.
The Istio working group just released Istio 1.4.0 ahead of KubeCon + CloudNativeCon North America in San Diego this week. This post summarizes how this latest version continues the project’s recent focus on improving the operability and performance of Istio for production users. Highlights Continued work on performance improvements with alpha support for Mixer-less telemetry A complete update to service authorization system with the new AuthorizationPolicy Support for Istio installation, control plane configuration, and upgrades in the istioctl command More troubleshooting support in istioctl Proxy sidecar stability and feature improvements Laying the Groundwork for Performance Improvements Istio 1.
In our previous blog post about the Istio service mesh, we provided an overview of Istio’s features and capabilities and why you may (and sometimes may not, at least not yet) want to use it as a service mesh in your Kubernetes clusters. In this post, we’ll dive a little deeper into how Istio can help improve the runtime security of the applications in a service mesh and where it fits in the broader picture of Kubernetes security controls and practices.
Anyone who has even a passing interest in Kubernetes and the cloud native ecosystem has probably heard of Istio. Getting a clear description of what exactly Istio is, what it can (and can’t) do, and whether it’s a technology you might need are all a little harder to find. Hopefully, this post will help clear up some of the confusion. The Istio Service Mesh What is a service mesh? The term “service mesh” can apply either to the set of overlapping network connections between services in a distributed application or to a set of tools used to manage that group of connected services.