Google introduces Istio service mesh for cloud
Fri 26 May 2017
Google, in conjunction with IBM and Lyft, has introduced a new open-source infrastructure service mesh called Istio.
Istio provides users with a uniform means of managing and monitoring microservices. It can be deployed using Kubernetes container systems, on-premises, or with any cloud system. With Istio, developers have a service mesh that provides automatic load balancing, traffic control and encryption, telemetry and reporting, and fleet-wide policy enforcement.
The Istio product was created to assist developers with complications that can arise as large-scale applications are broken down into microservices. Challenges developers face may include load balancing, monitoring and reporting, and routing changes, all while ensuring that services meet requirements for compliance and security.
Having access to a service mesh, or infrastructure layer that is dedicated to communication between services, allows users to use centralized management to deploy microservices at any scale.
Google has its own service mesh, which it has used for deployments in YouTube, Gmail, Cloud PubSub and Cloud BigTable. As Eric Brewer, Vice President, Google Cloud said, “Google’s experience is that having a uniform substrate for developing and operating microservices is critical to our ability to scale while maintaining both feature velocity and reliability.”
Istio provides users with detailed monitoring data, which allows for consistent observation and reporting of performance metrics. It also enables performance analysis, hotspot detection and diagnosis of distributed failure modes. Automated load balancing helps to compensate for common failure modes, allowing developers to build services without simultaneously managing resiliency and network changes. Teams can operate independently toward a common end, each focusing on their own priorities, with automated processes and centralized management overviews available through the Istio dashboard.
Developers are also released from compliance and security concerns, as Istio allows secure and authenticated communications using a mutual TLS connection. Istio security is aligned with the SPIFFE secure production identity framework.
Istio is currently in development on GitHub, with a full release expected before the end of the year. Developers are invited to review, comment and contribute to the development of Istio during the development phase.
While Istio is intended to work in any and all cloud environments, it is initially working with an eye towards deployment with Kubernetes systems. Several companies have pledged to support the project including Red Hat, Weaveworks, Tigera and Datawire.