Apps

Managing microservices with Istio

Share this post:

Istio microservices managementNowadays, there are more and more developers adopting a microservices approach to build their applications.

One of the main drivers for this is the need to build cloud-native applications, which are continuously available and dynamically scalable. This approach helps the developers break the applications into small, manageable pieces that can be developed and managed independently by different teams.

A microservices approach has  a lot of benefits, but can also be complex. Before a service can be deployed into production, many data and control plane issues relating to the operability of the service must be resolved, including:

  • how to provide services discovery and request routing between different microservices
  • how to control and secure access to the application and to individual microservices
  • how to efficiently scale up (and down) microservices while maintaining connectivity and overall application resiliency
  • how to collect and send logging and monitoring data for later consumption
  • how to enable DevOps functions, such as Canary deployments, A/B testing and gradual rollouts or roll-backs

Traditionally, much of that functionality had to be invented or rediscovered by every new application team, with support codified into the different microservices. While this may be an achievable goal within the confines of a single application and source base, as applications grow more complex and microservices are implemented using different languages and runtimes, the work becomes tedious and open to error.

By implementing a common microservices fabric, Istio addresses many of the challenges faced by developers and operators as monolithic applications transition to a distributed microservices architecture.

The initial (0.1) release was just announced at the Glue 2017 Conference. It is a result of collaboration between IBM, Google and Lyft to provide traffic flow management, access policy enforcement and telemetery data aggregation between microservices. All those are achieved without requiring any changes to the application code.  Thus, developers can focus on business logic and quickly integrate new features.

Istio provides an infrastructure-level solution for managing all service-to-service communications. By deploying a special sidecar proxy to intercept and act on traffic between microservices throughout the environment, Istio provides a straightforward way to create a network of deployed services, often referred to as a “service mesh.” Istio automatically collects service metrics, logs and call traces for all traffic within a cluster, including cluster ingress and egress. The use of sidecar proxies enables a gradual and transparent introduction without architectural or application code changes.

The service mesh is configured and managed using Istio’s control plane functionality to deliver the required quality of service attributes, such as load balancing, fine-grain routing, service-to-service authentication, monitoring and more. Istio’s Mixer component provides a pluggable policy layer supporting fine-grain access controls, rate limits and quotas. Since Istio has a control on communication between services, it can enforce authentication and authorization between any pair of communication services,

Istio is not targeted at any specific deployment environment. During the initial stages of development, and as it currently stands, Istio supports Kubernetes-based deployments. However, it is being built to enable rapid and easy adaptation to other environments, such as VMs and Cloud Foundry.

How we got there and what’s next

Our journey to microservices fabric started with developing and open-sourcing Amalgam8. Amalgam8 provided service discovery, smart routing capabilities and controlled resiliency testing.

Istio is the next step in our journey, bringing more powerful functionality and capability around security, policy management, rate limiting, auditing and basic API management.

We are excited to continue to work on building and extending Istio. One of the goals is providing security policy enforcement together with data collection and analytics. It can be extremely helpful to reaching compliance in the cloud native deployments.

What  do you like about Istio. and what are the main challenges when it comes to building and operating microservices applications?

Learn more about Istio.

Related articles:

 

Add Comment
No Comments

Leave a Reply

Your email address will not be published.Required fields are marked *

More Apps Stories

4 reasons you need mainframe-connected APIs now

There’s a wealth of strategic business assets that reside on mainframes—and many companies are finding ways to extract value from them. Companies can expose assets through many channels including easy-to-consume APIs. Want to learn how your business can extract these assets? Read on. RESTful APIs (representational state transfer web services) can support existing and new […]

Continue reading

IBM Voice Gateway: New features revolutionize your cognitive call center

Improving customer support is a never-ending job. You must continually listen to your customers and pivot your business to adapt to their needs. One way to improve customer service is to use cognitive virtual agents. The use of these agents has been growing in the online space for a few years. And with the arrival […]

Continue reading

Why base capabilities are no longer enough for operations management

The business objectives of an IT or network operations team have not changed substantially for years or even decades. Measures like mean time to repair (MTTR) or budget use frequently can be reduced to time, money and quality of service. Fundamentally, IT and network teams must maximize the availability of high-quality services while minimizing the […]

Continue reading