Visualizing Istio external traffic with Kiali

Suppose that you have an application using several third party services to store files, send messages, write tweets, etc. It is useful to know how much traffic is going off your mesh to these services, for example, you might want to know how many requests are directed to twitter or how much data is being […]

Secure Control of Egress Traffic in Istio, part 1

This is part 1 in a new series about secure control of egress traffic in Istio that I am going to publish. In this installment, I explain why you should apply egress traffic control to your cluster, the attacks involving egress traffic you want to prevent, and the requirements for your system to do so. […]

Linkerd or Istio?

This week I set out to write a post comparing Istio and Linkerd, and I told myself: I’m going to create tables comparing features, and it’s going to be great and people will love and the world will be happier for a few seconds. I promised myself It was going to be a fair comparison […]

Using Gloo as an ingress gateway with Istio and mTLS (updated for Istio 1.1!)

Istio is a popular open-source service mesh with powerful service-to-service capabilities such as request-routing control, metric collection, distributed tracing, security, et. al. Istio also ships with an ingress-gateway component that makes it easy to get traffic into your service mesh. The Istio ingress gateway allows you to control what protocols, security requirements, and ports get […]

Announcing Istio 1.1

Since we released 1.0 back in July, we’ve done a lot of work to help people get into production. Not surprisingly, we had to do some patch releases (6 so far!), but we’ve also been hard at work adding new features to the product. The theme for 1.1 is Enterprise Ready. We’ve been very pleased […]

Architecting Istio 1.1 for Performance

Hyper-scale, microservice-based cloud environments have been exciting to build but challenging to manage. Along came Kubernetes (container orchestration) in 2014, followed by Istio (container service management) in 2017. Both open-source projects enable developers to scale container-based applications without spending too much time on administration tasks. Now, new enhancements in Istio 1.1 deliver scale-up with improved […]

How to automatically generate a new metric and a new log stream in Service Mesh

One of the advantage of deploying a microservice-based application in an Istio service mesh is to allow one to externally control service monitoring, tracing, request (version) routing, resiliency testing, security and policy enforcement, etc., in a consistent way across those services, for the application as a whole. In this blog we will focus on the […]

Use Istio traffic mirroring for quicker debugging

Often when an error occurs, especially in production, one needs to debug the application to create a fix. Unfortunately the input that created the issue is gone. And the test data on file does not trigger the error (otherwise it would have been fixed before delivery). Likewise if one is creating new code, one often […]

Istio and Kubernetes in production. Part 2. Tracing

In the previous post, we took a look at the building blocks of Service Mesh Istio, got familiar with the system, and went through the questions that new Istio users often ask. In this post, we will look at how to organize the collection of tracing information over the network. The first thing that developers […]

Jaeger integration in Kiali

Kiali has the ability to show traces obtained from Istio. Jaeger collects traces for monitoring and troubleshooting microservices-based distributed systems, and both Istio and Kiali use the data that Jaeger provides. Originally this was done via a separate tab in the UI. But that turned out to be impractical. So the Kiali team has been […]