Istio, Kubernetes, and Microservices are solutions that are a great match for building cloud native solutions. In this video, review how the pieces fit together and why there is such a need for a simple and efficient solution to accelerate microservice development and delivery.
- [Instructor] Istio's a new technology that helps people understand how to connect new applications. In modern application developments, there are a number of requirements and tools like Istio, which is a service mesh technology, are core to delivering these key requirements for application development and for application operations. First off, we have things like a need for distributed applications, applications that are separated out into multiple components. Often this is called microservices. But even in the microservices world, we see monolithic services that have this same paradigm.
They're separate applications and built in separate ways. Often we want to be able to manage upgrades and manage features releases in a more effective pattern using things like canary releases and blue green or red black release protocols. We want to be able to better manage security, especially as we start distributing these resources through all within one domain, potentially one cloud environment, for example. It's maybe not as critical, but as more teams start to develop these distributed applications having better security interaction is an important aspect of the system.
As we distribute the applications, another thing that happens is a need to have a better idea of how applications are communicating with each other. So being able to trace the communication between these different services. And of course, that helps us deliver better application robustness, as does being able to do things like inject faults into the environment so that we can see how a distributed application behaves. And lastly, as developers often you want to select the best application environment for the particular distributed component of the service that you're trying to build.
I believe really Istio helps you with all of these things specifically because it injects itself between all of the different distributed services. It is built around the concept of a unified proxy-based service router. And what that really is is a TCP-based forwarding router that can actually distribute traffic and separate the resources in a much more efficient fashion, really understanding exactly where any one connection needs to go. In addition, there's an embedded TLS authentication mechanism as a part of that proxy, and it's not just the classic server-based TLS where a client goes and communicates with a server, and understands that the server is who it says it is.
Instead, this is actually a two-way street. The client can also provide a proxy that's signed by a central authority. There's also the ability because all of the traffic is pushed through these proxies to actually start tracing the connection and learn about latency, and learn about failures. And of course once you've injected yourself into the forwarding path in the way that a proxy does, you have the ability to inject fault, and actually understand how faults affect your application and ensure that over time your application continues to run cleanly. Now, Istio is really good for an application like this.
This is an application called Bookinfo. It's a demo application that the Istio community actually provides and uses as a part of their test environment. And it highlights a number of the factors and benefits that an Istio environment provides. Firstly, you can see here that it is what is known as a polyglot application. We have applications written in multiple different languages and this is a somewhat contrived example, for sure, but it shows the idea that you can actually implement all these different languages and tie them all together using a tool like the Istio service mesh.
Now there are other ways of doing this. If you said well, let's get to a single application environment, a single software model, maybe we're going to do everything in Java. That's great, except for where Java doesn't excel. And in those cases, you'll want to start breaking this out. And that's the reason that polyglot applications are so interesting to people. Whether it's actually a microservice or not isn't really the key. The requirement is that we're really distributing these applications and tying these pieces together. So this is an application we will use during this course, specifically to look at the tracing aspects, how traffic travels through these different resources more than anything else.
And this is going to be a core component of how we look at some of the interactions. Basically, how can we get requests into the application, how can we redirect requests between one portion for example, the front page, the product page to back end services. Now we're going to simplify all of this in the actual modules, but this is the high level picture. And one of the reasons that people are looking at tools like Istio today.
- Adding Istio to a microservice
- Traffic routing and deployment
- Creating advanced route rules with Istio
- Modifying routes for Canary deployments
- Establishing MTLS credentials
- Connecting to non-MTLS services
- Connecting Istio to OpenTracing
- Improving microservice robustness
- Forcing aborts in specific applications