Home / Networking / ​Beyond Kubernetes: Istio network service mesh

​Beyond Kubernetes: Istio network service mesh


techrepublic


Kubernetes: The smart person’s guide

Kubernetes is a series of open source projects for automating the deployment, scaling, and management of containerized applications. Find out why the ecosystem matters, how to use it, and more.

Read More

First, Docker transformed how we ran applications. Then, Kubernetes changed how we managed containers. Now, the open-source project Istio is building on both to add a network service mesh.

Istio is built on the open-source Envoy proxy. This service mesh enables microservices sharing distributed applications to communicate and work with one another. As Matt Klein, Envoy’s creator wrote, Istio provides modern microservice and cloud-native applications with a “unified control plane that ties the pieces together in a coherent way.”

Istio also enables DevOps. In a soon-to-be-released blog, Google Cloud‘s Eric Brewer, VP Infrastructure, and Eyal Manor, VP of Engineering, point out that Istio provides vital DevOps framework “such as a common system for monitoring, logging, authorization, and billing.”

Also: Kubernetes: The smart person’s guide TechRepublic

Brewer and Manor go on: “You need tools to manage the collection of microservices, and to ensure consistent policies across them. More importantly, these policies need to be decoupled from the individual services, so that they can be more uniform and updated independently of the services.”

Istio does this at the network level. By working over the network, Istio makes it easy to integrate microservices with load balancing, service-to-service authentication, monitoring, and more, with no changes to the underlying code.

Brewer and Manor continue: “Istio offers visibility in the form of telemetry for monitoring and logs for your services, plus security by giving each service a strong identity based on its role, as well as enabling encryption by default. With that core functionality place, Istio can also be the basis for higher-level services, e.g., helping to enforce network security policies, or controlling software rollouts through canary deployments.”

This, in turn, means, “Istio also ensures a proper decoupling between development and operations, allowing operations teams to change the behavior of the system without actually changing the source code.”

Thus, Brewer and Manor said this decoupling of development and operations logic that Istio provides accomplishes two things: It allows your developers to focus on writing business logic, not infrastructure (thus making them more productive), and it gives your operations teams the tools they need to run your applications and services more reliably.

Also: The Docker and Kubernetes Certification Training Bundle CNET

Istio has already reached its 1.0 release. And, now it’s being deployed by such users as Descartes Labs, eBay, and AutoTrader UK. “Istio was a missing piece in the Kubernetes ecosystem. Kubernetes gave us the ability to distribute an application, but Istio gave us the ability to understand the application,” said Tim Kelton, a Descartes Labs co-founder, in a statement.

Google is pushing to bringing more users to Istio. Istio will be made available for Google Cloud users on Google Kubernetes Engine (GKE) in beta in December. On GKE, Istio layers a service mesh on your existing GKE clusters, and gathers telemetry on their containers. This data is then sent to Stackdriver or Prometheus. With these, you can monitor your Kubernetes-based microservices’ traffic, error rates, and latencies.

Google’s not the only company betting Istio is about to become important. IBM, Red Hat, and VMware are also working on improving the open-source network service mesh. It may well be that Istio may be an important part in IBM’s Red Hat post-acquisition hybrid-cloud plans.

Related stories:



Source link

About admin

I'm a 50 year old PLC programmer from Burnley, UK. I severed my time as an electrician in the baking industry and soon got involved with the up and coming technology of PLC's. Initially this was all based in the Uk but as the years went by I have gradually worked my way around the globe. At first it was mainly Mitsubishi with a bit of Modicon thrown in but these days the industry leaders seem to be the Allen Bradley range of PLC and HMI’s.

Check Also

Can Firefox survive in a Google world?

The red panda is the longtime mascot of Mozilla, developer of the Firefox browser. (Image: ...

Leave a Reply

Your email address will not be published. Required fields are marked *