Kubecon 2020: Istio Simplified

Kubecon 2020: Istio Simplified

This article serves as a summary for the session Istio Simplified at ServiceMeshCon, KubeCon Europe 2020. Session was presented by Louis Ryan from Google and Steve Dake from IBM.

Shift to monolith control plane

Google has been working on making Istio simpler to install, upgrade, administer and use.

Istio was built using microservices principles where it was divided into various components based on the functionality they provided. The diagram below shows various components of 1.4 version.

Image for post

Istio 1.4

This component division was made with the assumption that separate teams would deploy and administer each of the components. However, in reality, there is usually one team/person maintaining and administering Istio and they don’t make use of the flexibility provided by individual components. They just want to deploy, maintain and upgrade Istio. This is one of the example scenarios where microservices architecture may not be beneficial based on client usage.

So, in order to remove this over pivoted design that tries to accommodate one potential solution and make it simple for the primary user a shift to monolith architecture has been made:

  1. Mixer’s capabilities have been moved to envoy sidecar and gateways. This was done for performance and efficiency
  2. Galley’s functionality moved to Pilot
  3. Injector did not receive much of traffic and hence it was also merged into Pilot
  4. Node agent’s functionality flattened into Pilot Agent. Now pilot agent at startup it generates a private key by negotiating with Citadel and provides it to the sidecar
  5. Citadel is Istio’s builtin certificate authority. Customers prefer to run their own or third-party CA infrastructure and they want to use that for security reasons. Hence, Citadel was also merged into Pilot. Pilot still provides the API’s to provide Citadel’s functionality

kubecon kubernetes istio istio-service-tutorial service-mesh

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

50+ Useful Kubernetes Tools for 2020 - Part 2

Our original Kubernetes tool list was so popular that we've curated another great list of tools to help you improve your functionality with the platform.

Open Service Mesh — Microsoft’s SMI based Open Source Service Mesh Implementation

Microsoft’s Open Service Mesh is an SMI-compliant, lightweight service mesh being run as an open source project. Backed by service-mesh…

A Kubernetes Service Mesh Tool Comparison for 2020

Just as tech is revised and upgraded, so too should a tool comparison be. Service meshes act as the substrate to connect microservices, find the one for you.

From Service Mess to Service Mesh

For teams to monitor, support, and to maintain these services is becoming a challenge so most enterprises have invested in some kind of microservices management tool.

Service Mesh in Kubernetes - Pictorially

As part of my learning in devops space, I started exploring service mesh and recently did a podcast. Here is the blog version which I think will be useful for others to get the big picture. This post assumes you are aware of how kubernetes works at a high level