Istio in Action
Christian E. Posta
  • MEAP began September 2018
  • Publication in Summer 2019 (estimated)
  • ISBN 9781617295829
  • 375 pages (estimated)
  • printed in black & white

The definitive guide to understand Istio and when it's worth using it.

Andrea Cosentino
Many enterprise applications intertwine code that defines an app’s behavior with code that defines its network communication and other non-functional concerns. The “service mesh” pattern, implemented by platforms like Istio, helps you push operational issues into the infrastructure so the application code is easier to understand, maintain, and adapt. Istio in Action teaches you how to implement a full-featured Istio-based service mesh to manage a microservices application. With the skills you learn in this comprehensive tutorial, you’ll be able to delegate the complex infrastructure of your cloud-native applications to Istio!
Table of Contents detailed table of contents

Part 1

1. Introducing Istio Service Mesh

1.1. Optimize to go faster, safely

1.1.1. Microservices and APIs to build large systems

1.1.2. Automated testing

1.1.3. Containers

1.1.4. Continuous integration and Continuous Delivery

1.2. Challenges of going faster

1.2.1. Our cloud infrastructure is not reliable

1.2.2. Making service interaction resilient

1.2.3. Understanding what’s happening in real time

1.3. Solving these challenges with application libraries

1.3.1. Drawbacks to application-specific libraries

1.4. Pushing these concerns to the infrastructure

1.4.1. Don’t we already have this in our container platforms?

1.4.2. The application-aware service proxy

1.4.3. Meet Envoy proxy

1.5. What’s a service mesh?

1.6. Introducing Istio service mesh

1.6.1. How service mesh relates to Enterprise Service Bus

1.6.2. How service mesh relates to API gateway

1.6.3. Can I use Istio for non-microservices deployments?

1.6.4. What problems does service mesh NOT solve?

1.7. Summary

2. First steps with Istio

2.1. Deploying Istio on Kubernetes

2.1.1. Using Minikube for our samples

2.1.2. Getting the Istio distribution

2.1.3. Installing the Istio components into Kubernetes

2.2. Getting to know the Istio control plane

2.2.1. Istio Pilot

2.2.2. Ingress and Egress gateway

2.2.3. Istio Citadel

2.2.4. Istio Mixer

2.3. Deploy your first application in the service mesh

2.4. Exploring the power of Istio with resilience, observability, and traffic control

2.4.1. Istio observability

2.4.2. Istio for resiliency

2.4.3. Istio for traffic routing

2.5. Summary

3. Istio’s data plane: Envoy Proxy

3.1. What is Envoy Proxy

3.1.1. Envoy’s core features

3.1.2. Envoy compared to other proxies

3.2. Configuring Envoy

3.2.1. Static configuration

3.2.2. Dynamic configuration

3.3. Envoy in action

3.3.1. Envoy’s Admin API

3.3.2. Envoy request retries

3.4. How Envoy fits with Istio

3.5. Summary

Part 2

4. Istio Gateway: getting traffic into your cluster

4.1. Traffic ingress concepts

4.1.1. Virtual IPs: simplifying service access

4.1.2. Virtual Hosting: multiple services from a single access point

4.2. Istio Gateway

4.2.1. Specifying Gateway resources

4.2.2. Gateway routing with Virtual Services

4.2.3. Overall view of traffic flow

4.2.4. Istio Gateway vs Kubernetes Ingress

4.3. Securing Gateway traffic

4.3.1. HTTP traffic with TLS

4.3.2. HTTP redirect to HTTPS

4.3.3. HTTP traffic with mutual TLS

4.3.4. Serving multiple virtual hosts with TLS

4.4. TCP traffic

4.4.1. Exposing TCP ports on the Istio Gateway

4.4.2. Traffic routing with SNI an TLS

4.5. Summary

5. Traffic control: Fine-grained traffic routing between your services

6. Resilience: Solving application-networking challenges

7. Observability: Understanding runtime behavior of your services

8. Chaos testing

9. Policy

Part 3

10. Security

11. Debugging the service mesh

12. Advanced clusters

13. Multi-cloud deployments

14. Advanced policy

15. Advanced security: Configure custom CA/cert managers


Appendix A: Installation options

Appendix B: Control-plane lifecyle management

Appendix C: Istio compared to other service meshes

About the Technology

Cloud-native applications can include thousands of clustered containers, distributed components, and complex interactions. To build them effectively, developers need a new approach to infrastructural concerns like monitoring, storage, scaling, orchestration, and security. The Istio platform offers a configurable infrastructure layer called a service mesh that reliably and efficiently manages day-to-day concerns like service discovery, load balancing, encryption, authentication and authorization, circuit breakers, and more. Open source and cloud-ready, Istio is a welcome upgrade from manually managed microservices infrastructure.

About the book

Istio in Action is a comprehensive guide to handling authentication, routing, retrying, load balancing, collecting data, security, and other common network-related tasks using the Istio service mesh platform. With author Christian Posta’s expert guidance, you’ll experiment with a basic service mesh as you explore the features of Envoy, Istio’s service proxy. With helpful diagrams and hands-on examples, you’ll learn how to use this open-source service mesh to control routing, secure container applications, and monitor network traffic. You’ll also bring Istio to legacy systems without changes to your applications and discover how to use Istio in a multi-cloud world with the data layer deployed on a cluster like Kubernetes.

What's inside

  • Using Istio Pilot to configure service proxies
  • Features of the Envoy service proxy
  • Monitoring network traffic with Prometheus and Grafana
  • Applying Istio to legacy systems with no application changes
  • Using Istio with the data plane deployed on a cluster like Kubernetes

About the reader

For enterprise programmers familiar with containers, microservices, cloud deployment platforms, and text markup languages.

About the author

Christian Posta is a Chief Architect of cloud applications at Red Hat, an author, a blogger, a speaker, and an open-source enthusiast and committer. He also puts his expertise to good use helping companies deploy their enterprise systems and microservices.

Manning Early Access Program (MEAP) Read chapters as they are written, get the finished eBook as soon as it’s ready, and receive the pBook long before it's in bookstores.

placing your order...

Don't refresh or navigate away from the page.

FREE domestic shipping on three or more pBooks

If you are looking for how to setup and use Istio, this is the book for you.

Michael J. Haller

The perfect blend of how and why.

Morgan Nelson

Istio: how to use it, when to use it, what it is, and most importantly, what it is not.

Andrea Tarocchi