LYO-9959 Life of a packet through Istio | Devoxx

Life of a packet through Istio

Hands-on Labs

cldops Cloud ,Containers & Infrastructure

Istio is a service mesh for Kubernetes that offers advanced networking features. It provides intelligent routing, resiliency, and security features, so that service authors don't have to keep re-implementing them. Istio is rapidly taking off and there are great introductory talks everywhere. However in this session, we will dive deep to explore precisely how it does what it does, following one brave little packet in from the internet and back out again. At each point we’ll see how to configure the features of that component to exploit istio’s full potential. This will give a great insight into Istio's full power, and its fascinating architecture.

Over the course of the session, we will look at the following components and features, as our packet encounters them:

  • cloud / kubernetes networking
  • pod construction, namespaces, envoy interception
  • Pilot
  • Mixer
  • canaries
  • traffic splitting
  • circuit breaking
  • traffic mirroring
  • mTLS
  • istio ingress
  • istio egress
  • telemetry
Matt Turner Matt Turner

Matt is a software engineer at Tetrate, working on Istio-related products. He's been doing Dev, sometimes with added Ops, for 10 years. His idea of "full-stack" is Linux, Kubernetes, and now Istio too. He's given several talks and workshops on Kubernetes and Istio, and is a co-organiser of the Istio London meetup.