Istio is an open platform that provides a uniform way to connect, manage, and secure microservices.
Istio was established to provide developers with visibility into microservices without the need to change application code. The platform sits at the network level and uses a substrate for microservices development and maintenance. This allows for the decoupling of management from application development.
Since its launch, the Istio community has rolled out several updates that have fine-tuned its performance, with the platform currently sitting on version 0.7.
Istio is an open platform that provides a uniform way to connect, manage, and secure microservices. Istio supports managing traffic flows between microservices, enforcing access policies, and aggregating telemetry data, all without requiring changes to the microservice code. Istio gives you:
- Automatic load balancing for HTTP, gRPC, WebSocket, and TCP traffic.
- Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.
- A pluggable policy layer and configuration API supporting access controls, rate limits and quotas.
- Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.
- Secure service-to-service communication in a cluster with strong identity-based authentication and authorization.
Istio can be deployed on Kubernetes, Nomad with Consul. We plan to add support for additional platforms such as Cloud Foundry, and Apache Mesos in the near future.
Traditionally, much of the logic handled by Istio has been built directly into applications. Across a fleet of services, managing updates to this communications logic can be a large burden. Istio provides an infrastructure-level solution to managing service communications.
Application developers: With Istio managing how traffic flows across their services, developers can focus exclusively on business logic and iterate quickly on new features.
Service operators: Istio enables policy enforcement and mesh monitoring from a single centralized control point, independent of application evolution. As a result, operators can ensure continuous policy compliance through a simplified management plane.