Istio
Starter tour on KataCoda.com
Pre-install Kubernetes
Istio 0.2.7 architecture
The previous step deployed the Istio Pilot, Mixer, Ingress-Controller, and Egress-Controller, and the Istio CA (Certificate Authority).
Pilot 飞行员 - Responsible for configuring the Envoy and Mixer at runtime.
Envoy 全权使者 - Sidecar proxies per microservice to handle ingress/egress traffic between services in the cluster and from a service to external services. The proxies form a secure microservice mesh providing a rich set of functions like discovery, rich layer-7 routing, circuit breakers, policy enforcement and telemetry recording/reporting functions.
Mixer 混合器 - Create a portability layer on top of infrastructure backends. Enforce policies such as ACLs, rate limits, quotas, authentication, request tracing and telemetry collection at an infrastructure level.
Ingress/Egress 入口/出口 - Configure path based routing.
Istio CA 证书机构 - Secures service to service communication over TLS. Providing a key management system to automate key and certificate generation, distribution, rotation, and revocation
The overall architecture is shown below.
Istio Addons
Prometheus
grafana
servicegraph
zipkin
Sample Application
details service ratings service reviews service productpage service ingress: gateway
Never miss a story from us, subscribe to our newsletter