Learning about Istio Service Mesh

According to Istio (istio.io), the term Service Mesh describes the network of microservices that make up such applications and the interactions between them. As your container environment increases in size and complexity, it becomes progressively harder to understand and manage as requirements grow. Requirements include discovery, load balancing, failure recovery, metrics collection, and monitoring. A Service Mesh can help with these and includes some even more complex operational requirements, like A/B testing, progressive or canary releases, rate limiting, access control, and end-to-end authentication. Istio, for example, leverages Envoy sidecars to provide fine-grained control of routing, ACLs and monitoring.

The de facto standard is Istio which is stable and feature-rich despite being a 1.0 release. The current version is 1.0.6 but a 1.1 preview is available as well.

• Consistent routing. A consistent way to deal with routing rules across the ecosystem across various applications.
• Security. To ensure that only the services that are supposed to communicate with each other can communicate.
• Resiliency. The mesh includes load‑balancing functionality and works with a service discovery protocol to detect services as they come up and age them gracefully when they disappear.
• Monitoring. The ability to do end‑to‑end monitoring – tracking a packet as it traverses the network. You can quickly identify the service causing a failure if you have multiple services chained together.

See https://istio.io/docs for more information and an excellent how-to for installing Istio.

One of the most important advantages of the Istio Service Mesh is that applications do not need to implement their security mechanisms but can manage security ACLs (Authentication Policies and Destination Rules) at the infrastructural level. It also manages telemetry and performance information.

The best way to learn something is to do it, and I have been working with this for the past couple of months. I’d like to share some thoughts and lessons learned with a walk through of some simple tasks which highlight a mesh’s value. You can get a good overview using the provide demo examples found on the Istio website.