Istio: Up and Running

Book description

None

Publisher resources

View/Submit Errata

Table of contents

  1. Preface
    1. Who Should Read This Book
    2. Why We Wrote This Book
    3. Conventions Used in This Book
    4. Using Code Examples
    5. O’Reilly Online Learning
    6. How to Contact Us
    7. Acknowledgments
  2. 1. Introducing the Service Mesh
    1. What Is a Service Mesh?
      1. Fundamentals
    2. Sailing into a Service Mesh
      1. Client Libraries: The First Service Meshes?
      2. Why Do You Need One?
      3. Don’t We Already Have This in Our Container Platforms?
    3. Landscape and Ecosystem
      1. Landscape
      2. Ecosystem
      3. The Critical, Fallible Network
      4. The Value of a Service Mesh
    4. The Istio Service Mesh
      1. The Origin of Istio
      2. The Current State of Istio
      3. Cadence
      4. Releases
      5. Feature Status
      6. Future
      7. What Istio Isn’t
      8. It’s Not Just About Microservices
    5. Terminology
  3. 2. Cloud Native Approach to Uniform Observability
    1. What Does It Mean to Be Cloud Native?
      1. The Path to Cloud Native
      2. Packaging and Deployment
      3. Application Architecture
      4. Development and Operations Processes
      5. Cloud Native Infrastructure
    2. What Is Observability?
      1. Pillars of Telemetry
      2. Logs
      3. Metrics
      4. Traces
      5. Combining Telemetry Pillars
      6. Why Is Observability Key in Distributed Systems?
    3. Uniform Observability with a Service Mesh
      1. Client Libraries
      2. Interfacing with Monitoring Systems
  4. 3. Istio at a Glance
    1. Service Mesh Architecture
    2. Planes
      1. Istio Control-Plane Components
      2. Service Proxy
      3. Istio Data-Plane Components
      4. Gateways
    3. Extensibility
      1. Customizable Sidecars
      2. Extensible Adapters
    4. Scale and Performance
    5. Deployment Models
  5. 4. Deploying Istio
    1. Preparing Your Environment for Istio
      1. Docker Desktop as the Installation Environment
      2. Configuring Docker Desktop
    2. Installing Istio
      1. Istio Installation Options
      2. Registering Istio’s Custom Resources
      3. Installing Istio Control-Plane Components
      4. Deploying the Bookinfo Sample Application
      5. Deploying the Sample App with Automatic Sidecar Injection
      6. Networking with the Sample App
    3. Uninstalling Istio
    4. Helm-Based Installations
      1. Install Helm
      2. Install with Helm Template
      3. Confirming a Helm-Based Installation
      4. Uninstalling a Helm-Based Installation
    5. Other Environments
  6. 5. Service Proxy
    1. What Is a Service Proxy?
      1. An iptables Primer
    2. Envoy Proxy Overview
      1. Why Envoy?
    3. Envoy in Istio
    4. Sidecar Injection
      1. Manual Sidecar Injection
      2. Ad Hoc Sidecarring
      3. Automatic Sidecar Injection
      4. Kubernetes Init Containers
      5. Sidecar Resourcing
    5. Envoy’s Functionality
      1. Core Constructs
      2. Certificates and Protecting Traffic
  7. 6. Security and Identity
    1. Access Control
      1. Authentication
      2. Authorization
    2. Identity
      1. SPIFFE
    3. Key Management Architecture
      1. Citadel
      2. Node Agents
      3. Envoy
      4. Pilot
    4. mTLS
    5. Configuring Istio Auth Policies
      1. Authentication Policy: Configuring mTLS
      2. Authorization Policy: Configuring Who Can Talk to Whom
  8. 7. Pilot
    1. Configuring Pilot
      1. Mesh Configuration
      2. Networking Configuration
      3. Service Discovery
    2. Configuration Serving
    3. Debugging and Troubleshooting Pilot
      1. istioctl
      2. Troubleshooting Pilot
    4. Tracing Configuration
      1. Listeners
      2. Routes
      3. Clusters
  9. 8. Traffic Management
    1. Understanding How Traffic Flows in Istio
    2. Understanding Istio’s Networking APIs
      1. ServiceEntry
      2. DestinationRule
      3. VirtualService
      4. Gateway
    3. Traffic Steering and Routing
    4. Resiliency
      1. Load-Balancing Strategy
      2. Outlier Detection
      3. Retries
      4. Timeouts
      5. Fault Injection
    5. Ingress and Egress
      1. Ingress
      2. Egress
  10. 9. Mixer and Policies in the Mesh
    1. Architecture
      1. Enforcing Policy
    2. Understanding How Mixer Policies Work
      1. Reporting Telemetry
    3. Attributes
      1. Sending Reports
      2. Checking Caches
    4. Adapters
      1. In-Process Adapters
      2. Out-of-Process Adapters
    5. Creating a Mixer Policy and Using Adapters
      1. Mixer Configuration
      2. Open Policy Agent Adapter
      3. Prometheus Adapter
  11. 10. Telemetry
    1. Adapter Models
      1. Reporting Telemetry
    2. Metrics
      1. Configuring Mixer to Collect Metrics
      2. Setting Up Metrics Collection and Querying for Metrics
      3. Traces
      4. Disabling Tracing
    3. Logs
      1. Metrics
    4. Visualization
  12. 11. Debugging Istio
    1. Introspecting Istio Components
    2. Troubleshooting with a Management Plane
      1. Parlaying with kubectl
    3. Workload Preparedness
      1. Application Configuration
      2. Network Traffic and Ports
      3. Services and Deployments
      4. Pods
    4. Istio Installation, Upgrade, and Uninstall
      1. Installation
      2. Upgrade
      3. Uninstallation
    5. Troubleshooting Mixer
    6. Troubleshooting Pilot
    7. Debugging Galley
    8. Debugging Envoy
      1. Envoy’s Administrative Console
      2. 503 or 404 Requests
      3. Sidecar Injection
    9. Version Compatibility
  13. 12. Real-World Considerations for Application Deployment
    1. Control-Plane Considerations
      1. Galley
      2. Pilot
      3. Mixer
      4. Citadel
    2. Case Study: Canary Deployment
      1. Cross-Cluster Deployments
  14. 13. Advanced Scenarios
    1. Types of Advanced Topologies
      1. Single-Cluster Meshes
      2. Multiple-Cluster Meshes
      3. Use Cases
    2. Choosing a Topology
      1. Cross-Cluster or Multicluster?
      2. Configuring Cross-Cluster
      3. Configure DNS and Deploy Bookinfo
  15. Index

Product information

  • Title: Istio: Up and Running
  • Author(s): Lee Calcote, Zack Butcher
  • Release date:
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: None