The cloud has opened up a world of new opportunities for enterprise. It’s also opened a world of new challenges, and probably no one is experiencing those challenges more acutely than your DevOps teams. As they work to deliver an endless stream of innovation, they’re relying heavily on microservices — apps developed in separate, easily managed pieces, rather than in the huge single programs of the past.
Microservices have liberated software development and made possible the groundbreaking offerings of Google, Netflix, PayPal and Twitter, to name just a few of the digital giants fully invested in microservice architecture. At the same time, though, microservices have introduced a slew of new headaches. The dividing of previously monolithic apps creates new apps with hundreds or thousands of moving parts that can be a nightmare to manage. The task of managing all that complexity can be simplified with the use of a service mesh. Which brings us to Istio.
Launched in May of 2017, Istio is an open-platform service mesh that simplifies the connection, management and security of the microservices it oversees. Istio can run in any cloud environment as well as in hybrid and on-premises environments. Managed Istio on Google Cloud means organizations will get Istio that’s automatically installed and upgraded on Google’s Kubernetes Engine container cluster management technology. Istio isn’t the only service mesh available, but it has the backing of Google, IBM, Red Hat and Lyft, so we can count on its current dominance to remain pretty much unassailable. In the short time it’s been available, Istio has firmly established itself as the go-to in microservices management.
The reasons for Istio’s success are clear. Istio radically simplifies the creation of deployed-service networks. You can now incorporate load balancing, service-to-service authentication, monitoring and more, all without the need for changes in your service code.
Istio’s strengths are seen across a network of services:
Traffic management. Istio simplifies rules configuration and traffic routing, allowing for the easy implementation of crucial items like A/B testing, canary rollouts and staged rollouts with percentage-based traffic splits. Istio also comes with failure recovery features designed to catch issues before they become serious.
Security. Istio offers an underlying secure communication channel that frees your developers to focus on security at the application level. Here, you get the management of authentication, authorization and encryption of service communication at scale. Your service communications are secured by default, allowing you to enforce your policies across diverse protocols and runtimes, with few or no changes to your applications. Though Istio is platform-independent, running it with Kubernetes gives you the added benefits of being able to secure pod-to-pod or service-to-service communication at the network and application layers.
Monitoring. Istio is built with rich automatic tracing, monitoring and logging to give you superior insights into your service mesh deployment. You’ll know exactly how service performance is affecting what happens both upstream and downstream, and the custom dashboards will let you see how the performance of your services is affecting a wide range of other processes.
In its very brief history, Istio has managed to popularize the notion of a service mesh in taming microservices, effectively becoming synonymous with the concept. Today, its speed of development and adoption is accelerating, with everyone from major cloud providers to independent contributors enthusiastically getting on board. To Istio founder Sven Mawson, the goal is clear: “We want to reach a future state where Istio is woven into every environment, with service management available no matter what environment or platform you use.”
Find out more about Pythian’s services and solutions for Google Cloud Platform.
Want to talk with a technical expert? Schedule a tech call with our team to get the conversation started.
Interested in working with Ron? Schedule a tech call.