Istio, an open-source platform that connects, manages and secures microservices announced its version 1.0. Istio provides service mesh for microservices from Google, IBM, Lyft, Red Hat, and other collaborators from the open-source community.
Popularly known as a service mesh, Istio collects logs, traces, and telemetry and then adds security and policy without embedding client libraries. Istio also acts as a platform which provides APIs that allows integration with systems for logging, telemetry, and policy.
Istio also helps in measuring the actual traffic between services including requests per second, error rates, and latency. It also generates a dependency graph to know how services affect one another.
Istio offers a helping hand to one’s DevOps team by providing them with tools to run distributed apps smoothly. Here’s a list of what Istio does for your team:
- Performs Canary rollouts for allowing the DevOps team to smoke-test any new build and ensure a good build performance.
- Offers fault-injection, retry logic and circuit breaking so that DevOps teams can perform more testing and change network behavior at runtime to keep applications up and running.
- Istio adds security. It can be used to layer mTLS on every call, adding encryption-in-flight with an ability to authorize every single call on one’s cluster and mesh.
What’s new in Istio 1.0?
Multi-cluster support for Kubernetes
Multiple Kubernetes clusters can now be added to a single mesh, enabling cross-cluster communication and consistent policy enforcement. The multi-cluster support is now in beta.
Networking APIs now in beta
Networking APIs that enable fine-grained control over the flow of traffic through a mesh are now in Beta. Explicitly modeling ingress and egress concerns using Gateways allows operators to control the network topology and meet access security requirements at the edge.
Mutual TLS can be easily rolled out incrementally without updating all clients
Mutual TLS can now be rolled out incrementally without requiring all clients of a service to be updated. This is a critical feature that unblocks adoption in-place by existing production deployments.
Istio’s mixer configuration has a support to develop out-of-process adapters
Updated authorization policies
Authorization policies which control access to services are now entirely evaluated locally in Envoy increasing their performance and reliability.
Recommended Install method
Helm chart installation is now the recommended install method offering rich customization options to adopt Istio on your terms.
Istio 1.0 also includes performance improvement parameters such as continuous regression testing, large-scale environment simulation, and targeted fixes.
Read more in detail about Istio 1.0 in its official release notes.