Istio 1.5: What’s in it for Developers?
Istio is an open source service mesh platform. Idit Levine is the founder and CEO of Solo.io and works extensively with Istio. In this article, she recounts the latest Istio 1.5 release and what the addition of WebAssembly brings to developers working with service mesh.
In the cloud-native technology ecosystem, first came containers and Kubernetes and then challenges to how applications, developers, and operators interact with storage, networking, and security. Service Mesh has emerged, in particular, to solve the service-to-service communication challenge of distributed microservices. By abstracting the networking code from the business logic, the service mesh deploys a sidecar proxy next to each service to facilitate all incoming and outgoing traffic. This network of proxies is the data plane of the service mesh and how the network patterns are controlled (secured, shaped, and shifted) through a control plane.
Istio is an open source service mesh led by Google, IBM, and Lyft to connect, monitor, and secure microservices and has gained popularity among Kubernetes end users. Often referred to as being overly complex, Istio provides a robust feature set for controlling application traffic and has had a dedicated focus on improving usability (simplicity, performance) in 2019 and is continuing that path for 2020.
What’s New in Istio 1.5
The latest version, Istio 1.5, was released March 5 and carries forward the focus on improving the usability, security, and extensibility of Istio for end users, community, and the ecosystem. The highlights of this release include:
- Istiod consolidates the control plane into a single binary to simplify the install, run, and upgrade experience.
- A new model for extensibility with WebAssembly to provide a more flexible and efficient way to extend Istio and Envoy proxy.
- Easier to use with about a dozen improvements to istioctl (including the ability to install) and mTLS configuration.
- More secure with simplified and automatic mTLS, improvements to auth and removing the need to mount certs on every pod.
- Better observability with Telemetry v2 supporting metrics for TCP connections and enhanced support for gRPC workloads.