Many enterprise applications intertwine code that defines an app’s behavior with code that defines its network communication and other non-functional concerns. The “service mesh” pattern, implemented by platforms like Istio, helps you push operational issues into the infrastructure so the application code is easier to understand, maintain, and adapt. Istio in Action teaches you how to implement a full-featured Istio-based service mesh to manage a microservices application. With the skills you learn in this comprehensive tutorial, you’ll be able to delegate the complex infrastructure of your cloud-native applications to Istio!
The definitive guide to understand Istio and when it's worth using it.
1. Introducing Istio Service Mesh
1.1. Optimize to go faster, safely
1.1.1. Microservices and APIs to build large systems
1.1.2. Automated testing
1.1.4. Continuous integration and Continuous Delivery
1.2. Challenges of going faster
1.2.1. Our cloud infrastructure is not reliable
1.2.2. Making service interaction resilient
1.2.3. Understanding what’s happening in real time
1.3. Solving these challenges with application libraries
1.3.1. Drawbacks to application-specific libraries
1.4. Pushing these concerns to the infrastructure
1.4.1. Don’t we already have this in our container platforms?
1.4.2. The application-aware service proxy
1.4.3. Meet Envoy proxy
1.5. What’s a service mesh?
1.6. Introducing Istio service mesh
1.6.1. How service mesh relates to Enterprise Service Bus
1.6.2. How service mesh relates to API gateway
1.6.3. Can I use Istio for non-microservices deployments?
1.6.4. What problems does service mesh NOT solve?
2. First steps with Istio
2.1. Deploying Istio on Kubernetes
2.1.1. Using Minikube for our samples
2.1.2. Getting the Istio distribution
2.1.3. Installing the Istio components into Kubernetes
2.2. Getting to know the Istio control plane
2.2.1. Istio Pilot
2.2.2. Ingress and Egress gateway
2.2.3. Istio Citadel
2.2.4. Istio Mixer
2.3. Deploy your first application in the service mesh
2.4. Exploring the power of Istio with resilience, observability, and traffic control
2.4.1. Istio observability
2.4.2. Istio for resiliency
2.4.3. Istio for traffic routing
3. Istio’s data plane: Envoy Proxy
3.1. What is Envoy Proxy
3.1.1. Envoy’s core features
3.1.2. Envoy compared to other proxies
3.2. Configuring Envoy
3.2.1. Static configuration
3.2.2. Dynamic configuration
3.3. Envoy in action
3.3.1. Envoy’s Admin API
3.3.2. Envoy request retries
3.4. How Envoy fits with Istio
4. Istio Gateway: getting traffic into your cluster
4.1. Traffic ingress concepts
4.1.1. Virtual IPs: simplifying service access
4.1.2. Virtual Hosting: multiple services from a single access point
4.2. Istio Gateway
4.2.1. Specifying Gateway resources
4.2.2. Gateway routing with Virtual Services
4.2.3. Overall view of traffic flow
4.2.4. Istio Gateway vs Kubernetes Ingress
4.3. Securing Gateway traffic
4.3.1. HTTP traffic with TLS
4.3.2. HTTP redirect to HTTPS
4.3.3. HTTP traffic with mutual TLS
4.3.4. Serving multiple virtual hosts with TLS
4.4. TCP traffic
4.4.1. Exposing TCP ports on the Istio Gateway
4.4.2. Traffic routing with SNI an TLS
5. Traffic control: Fine-grained traffic routing between your services
6. Resilience: Solving application-networking challenges
7. Observability: Understanding runtime behavior of your services
8. Chaos testing
11. Debugging the service mesh
12. Advanced clusters
13. Multi-cloud deployments
14. Advanced policy
15. Advanced security: Configure custom CA/cert managers
Appendix A: Installation options
Appendix B: Control-plane lifecyle management
Appendix C: Istio compared to other service meshes
About the TechnologyCloud-native applications can include thousands of clustered containers, distributed components, and complex interactions. To build them effectively, developers need a new approach to infrastructural concerns like monitoring, storage, scaling, orchestration, and security. The Istio platform offers a configurable infrastructure layer called a service mesh that reliably and efficiently manages day-to-day concerns like service discovery, load balancing, encryption, authentication and authorization, circuit breakers, and more. Open source and cloud-ready, Istio is a welcome upgrade from manually managed microservices infrastructure.
About the bookIstio in Action is a comprehensive guide to handling authentication, routing, retrying, load balancing, collecting data, security, and other common network-related tasks using the Istio service mesh platform. With author Christian Posta’s expert guidance, you’ll experiment with a basic service mesh as you explore the features of Envoy, Istio’s service proxy. With helpful diagrams and hands-on examples, you’ll learn how to use this open-source service mesh to control routing, secure container applications, and monitor network traffic. You’ll also bring Istio to legacy systems without changes to your applications and discover how to use Istio in a multi-cloud world with the data layer deployed on a cluster like Kubernetes.
- Using Istio Pilot to configure service proxies
- Features of the Envoy service proxy
- Monitoring network traffic with Prometheus and Grafana
- Applying Istio to legacy systems with no application changes
- Using Istio with the data plane deployed on a cluster like Kubernetes
About the readerFor enterprise programmers familiar with containers, microservices, cloud deployment platforms, and text markup languages.
placing your order...Don't refresh or navigate away from the page.
If you are looking for how to setup and use Istio, this is the book for you.
The perfect blend of how and why.
Istio: how to use it, when to use it, what it is, and most importantly, what it is not.