Post on 21-Jan-2018
Istio!
Luke Marsden, Developer Experience@lmarsden
Developers
Users
Ship features fasterDevelopers
Users
Fix problems faster
Developers
Users
Developers
Users
competitiveness = speed of iteration
Service mesh• Your app normally has: • API server, needs securing with TLS • API client, needs retries • Load balancer to send traffic to the right place depending on
policies • Authentication and authorization • Circuit breaking • Monitoring instrumentation (Prometheus) • …
Service mesh• Service mesh says: • Move this into a sidecar!
Before
Kubernetes pod
Before
Kubernetes pod
Appcontainer
Before
Kubernetes pod
Appcontainer
TLS
Before
Kubernetes pod
Appcontainer
TLS
retries
Before
Kubernetes pod
Appcontainer
TLS
retries
metrics
Before
Kubernetes pod
Appcontainer
TLS
retries
metrics
Before
Kubernetes pod
Appcontainer
TLS
retries
metrics
Istio
After
Kubernetes pod
Appcontainer
TLS
retries
metrics
Benefits• Do it well once, rather than over and over
again • Save effort! • Microservices are polyglot • Don’t want to have to rewrite all that logic
in N different languages
Istio components• Envoy • Smart reverse proxy as shown • Mixer • “Control” service to which Envoys connect • Also: • Pilot for config, Istio-Auth for TLS...
Istio
Istio and Weave Cloud• Istio works great with Weave Cloud • Use Weave Cloud Explore to visualize Istio
in action • Have Weave Cloud Monitor handle the
long-term storage of Prometheus metrics • Demo…
What does Weave do?
Weave helps devops iterate faster with: • observability &
monitoring • continuous delivery • container networks &
firewalls
Weave Net provides a Kubernetes pod network & Network Policy implementation